I prefer using the “generate a new password and email it” option
mentioned below because it’s much more secure.
Here’s some code I found to generate a random password… I’m using this
in my apps
create a new password.
def newpass( len )
chars = (“a”…“z”).to_a + (“A”…“Z”).to_a + (“0”…“9”).to_a
newpass = “”
1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
return newpass
end
On 11/25/05, Manuel H. [email protected] wrote:
Am 25.11.2005 um 23:29 schrieb Nicholas Van W.:
> How does one retrive an encryped password generated with the
Salted
> Login Generator?
The whole idea of encrypting a password with MD5 or crypt (which
SLG
uses) is that the password is hard - if not impossible - do
decrypt.
There is “no way” of retrieving a password.
This secures passwords against stealing a user database, for
example.
The only way you can allow users to log in again is to generate
a new
password and send it to the email adress they specified on
registration.
Regards
Manuel H.
_______________________________________________
Rails mailing list
[email protected]
http://lists.rubyonrails.org/mailman/listinfo/rails