October 27, 2020, 06:11:42 AM
News: Hey, we have forums!
  Pages: [1]
Print
Author Topic: Please stop the forum from mailing the password to new users  (Read 5327 times)
kolAflash
Mini Bit
**
Posts: 2


View Profile
« on: June 22, 2013, 01:19:33 AM »

Currently the forum mails the password after creating an account. That's an absolute bad security practice! Just mail the activation link, that's enough.

By the way:
Do you save the password as salted hashes? Please don't save the original password! This describes why (not just for PHP).
http://php.net/manual/en/faq.passwords.php
Logged
Kateweb
Mini Bit
**
Posts: 3


View Profile
« Reply #1 on: January 12, 2014, 06:20:35 PM »

I was pissed when I saw my password in plain text and had to create a new one.
Logged
  Pages: [1]
Print
Jump to: