Author |
Topic  |
|
ManniX
Starting Member
20 Posts |
Posted - 02 July 2003 : 13:00:57
|
As always, i have searched on the topic but found nothing. Only that it is impossible for admins to view current passwords of members with the original base code. in which case i'm probably posting in the wrong forum? If I am then i apologise.
I opened up the database and the passwords are obviously encypted and i saw no way of working out how to un-encrypt them. is there any way of seeing these as real passwords?
Any feedback is appreciated and information on mods to enable this would be most helpful. I did look through the mod forum but saw no nothing.
Thanks in advance. |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
Astralis
Senior Member
   
USA
1218 Posts |
Posted - 02 July 2003 : 18:03:22
|
Smart. I never thought of that because I always try to stay away from looking at members' passwords with my other programs. Is that function within the database? Or is it part of the ASP code? |
 |
|
PeeWee.Inc
Senior Member
   
United Kingdom
1893 Posts |
Posted - 02 July 2003 : 18:32:23
|
inc_sha(some numbers here).asp
I cant remember the numbers of the top of my head.
There was once a MOD made to show members passwords but, the MOD was taken down. To show a members password is to take a step back.
Why would you need to see a members password? |
De Priofundus Calmo Ad Te Damine |
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
Astralis
Senior Member
   
USA
1218 Posts |
Posted - 03 July 2003 : 10:45:27
|
quote:
Why would you need to see a members password?
When everything is available to see in the database anyhow, it really wouldn't matter. Some members in the past, though, have asked me what their password was because they couldn't retrieve it from the lost password script. |
 |
|
ruirib
Snitz Forums Admin
    
Portugal
26364 Posts |
|
Nikkol
Forum Moderator
    
USA
6907 Posts |
Posted - 03 July 2003 : 11:07:07
|
quote: Originally posted by Astralis
Some members in the past, though, have asked me what their password was because they couldn't retrieve it from the lost password script.
So, in that case, just change it for them and tell them what the new one is. |
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~ |
 |
|
PeeWee.Inc
Senior Member
   
United Kingdom
1893 Posts |
Posted - 03 July 2003 : 16:29:35
|
if the password is stored in the DB then if someone downloads the DB they have all the passwords. |
De Priofundus Calmo Ad Te Damine |
 |
|
Reinsnitz
Snitz Forums Admin
    
USA
3545 Posts |
Posted - 03 July 2003 : 17:50:08
|
Mannix,
If you are just wanting to use the password as a verbal or email verification, you could just write a script to encrypt the database and compare the resulting code with what is in the database... but that is your only bet for comparing... otherwise do what Nikkol said. |
Reinsnitz (Mike) |
 |
|
|
Topic  |
|