RE: Retrieving SHG Password


#1

I prefer using the “generate a new password and email it” option
mentioned below because it’s much more secure.

Here’s some code I found to generate a random password… I’m using this
in my apps

create a new password.

def newpass( len )
chars = (“a”…“z”).to_a + (“A”…“Z”).to_a + (“0”…“9”).to_a
newpass = “”
1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
return newpass
end

On 11/25/05, Manuel H. removed_email_address@domain.invalid wrote:

Am 25.11.2005 um 23:29 schrieb Nicholas Van W.:

> How does one retrive an encryped password generated with the

Salted
> Login Generator?

The whole idea of encrypting a password with MD5 or crypt (which

SLG
uses) is that the password is hard - if not impossible - do
decrypt.
There is “no way” of retrieving a password.

This secures passwords against stealing a user database, for

example.
The only way you can allow users to log in again is to generate
a new
password and send it to the email adress they specified on
registration.

Regards

Manuel H.


_______________________________________________
Rails mailing list
removed_email_address@domain.invalid
http://lists.rubyonrails.org/mailman/listinfo/rails