Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Classic ASP versions(v3.4.XX)
 Admins view members passwords?
 New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

ManniX
Starting Member

20 Posts

Posted - 02 July 2003 :  13:00:57  Show Profile
As always, i have searched on the topic but found nothing. Only that it is impossible for admins to view current passwords of members with the original base code. in which case i'm probably posting in the wrong forum? If I am then i apologise.

I opened up the database and the passwords are obviously encypted and i saw no way of working out how to un-encrypt them.
is there any way of seeing these as real passwords?

Any feedback is appreciated and information on mods to enable this would be most helpful. I did look through the mod forum but saw no nothing.

Thanks in advance.

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 02 July 2003 :  13:06:33  Show Profile  Send ruirib a Yahoo! Message
That is not possible. The algorithm used is a one way conversion algorithm, so you cannot retrieve the unencrypted passwords.


Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Astralis
Senior Member

USA
1218 Posts

Posted - 02 July 2003 :  18:03:22  Show Profile  Send Astralis a Yahoo! Message
Smart. I never thought of that because I always try to stay away from looking at members' passwords with my other programs. Is that function within the database? Or is it part of the ASP code?
Go to Top of Page

PeeWee.Inc
Senior Member

United Kingdom
1893 Posts

Posted - 02 July 2003 :  18:32:23  Show Profile  Visit PeeWee.Inc's Homepage
inc_sha(some numbers here).asp

I cant remember the numbers of the top of my head.

There was once a MOD made to show members passwords but, the MOD was taken down. To show a members password is to take a step back.

Why would you need to see a members password?

De Priofundus Calmo Ad Te Damine
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 02 July 2003 :  18:39:31  Show Profile  Send ruirib a Yahoo! Message
The file is inc_sha256.asp.


Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Astralis
Senior Member

USA
1218 Posts

Posted - 03 July 2003 :  10:45:27  Show Profile  Send Astralis a Yahoo! Message
quote:

Why would you need to see a members password?



When everything is available to see in the database anyhow, it really wouldn't matter. Some members in the past, though, have asked me what their password was because they couldn't retrieve it from the lost password script.
Go to Top of Page

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 03 July 2003 :  11:04:47  Show Profile  Send ruirib a Yahoo! Message
Not having the password means that users cannot be impersonated, when the forum is hacked, as it happened with previous versions.


Snitz 3.4 Readme | Like the support? Support Snitz too
Go to Top of Page

Nikkol
Forum Moderator

USA
6907 Posts

Posted - 03 July 2003 :  11:07:07  Show Profile
quote:
Originally posted by Astralis

Some members in the past, though, have asked me what their password was because they couldn't retrieve it from the lost password script.

So, in that case, just change it for them and tell them what the new one is.

Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~
Go to Top of Page

PeeWee.Inc
Senior Member

United Kingdom
1893 Posts

Posted - 03 July 2003 :  16:29:35  Show Profile  Visit PeeWee.Inc's Homepage
if the password is stored in the DB then if someone downloads the DB they have all the passwords.

De Priofundus Calmo Ad Te Damine
Go to Top of Page

Reinsnitz
Snitz Forums Admin

USA
3545 Posts

Posted - 03 July 2003 :  17:50:08  Show Profile  Visit Reinsnitz's Homepage  Send Reinsnitz an AOL message  Send Reinsnitz an ICQ Message  Send Reinsnitz a Yahoo! Message
Mannix,

If you are just wanting to use the password as a verbal or email verification, you could just write a script to encrypt the database and compare the resulting code with what is in the database... but that is your only bet for comparing... otherwise do what Nikkol said.

Reinsnitz (Mike)
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 1.68 seconds. Powered By: Snitz Forums 2000 Version 3.4.07