Forum: Ruby on Rails RE: Retrieving SHG Password

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
HOGANBP (Guest)
on 2005-11-26 18:42
(Received via mailing list)
I prefer using the "generate a new password and email it" option
mentioned below because it's much more secure.

Here's some code I found to generate a random password... I'm using this
in my apps



  # create a new password.
  def newpass( len )
    chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
    newpass = ""
    1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
    return newpass
  end






On 11/25/05, Manuel H. <removed_email_address@domain.invalid> wrote:


	Am 25.11.2005 um 23:29 schrieb Nicholas Van W.:

	> How does one retrive an encryped password generated with the
Salted
	> Login Generator?

	The whole idea of encrypting a password with MD5 or crypt (which
SLG
	uses) is that the password is hard - if not impossible - do
decrypt.
	There is "no way" of retrieving a password.

	This secures passwords against stealing a user database, for
example.
	The only way you can allow users to log in again is to generate
a new
	password and send it to the email adress they specified on
registration.

	Regards

	Manuel H.


	_______________________________________________
	Rails mailing list
	removed_email_address@domain.invalid
	http://lists.rubyonrails.org/mailman/listinfo/rails
This topic is locked and can not be replied to.