|
Joined: Dec 2006
Posts: 1
stranger
|
stranger
Joined: Dec 2006
Posts: 1 |
Can an admin see user passwords in plain text? Thanks in advance.
|
|
|
|
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
|
Former Developer
Joined: Jun 2006
Posts: 9,242 Likes: 1 |
No, all passwords are stored in the database in MD5 format which cannot be decrypted.
|
|
|
|
Joined: Jun 2006
Posts: 16,369 Likes: 126
|
Joined: Jun 2006
Posts: 16,369 Likes: 126 |
It's also good to state that storing passwords in plain text could be a security issue (in several ways), encoding in MD5 is at least better than leaving it as plain text.
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
which cannot be decrypted hmmmm... care to make a wager on that Rick LOL - Okay, in general it is safe, but not uncrackable. .
|
|
|
|
Joined: Jun 2006
Posts: 16,369 Likes: 126
|
Joined: Jun 2006
Posts: 16,369 Likes: 126 |
MD5 cannot be decrypted, however the hash can be compared against a hash database; which is why I recommend using a dual salt when MD5'ing anything :nods:
|
|
|
|
Joined: Nov 2006
Posts: 3,095 Likes: 1
Carpal Tunnel
|
Carpal Tunnel
Joined: Nov 2006
Posts: 3,095 Likes: 1 |
Well actually I'd have to find the link but just about 2 monts ago I was reading where it can and was, but for now since I don't have the link I'll stand down on it But if I find the link I'll be back to say so. Regardless, just a matter of time.
|
|
|
|
Joined: Jun 2006
Posts: 16,369 Likes: 126
|
Joined: Jun 2006
Posts: 16,369 Likes: 126 |
I'd love to see it, I've not heard of anyway to decrypt an MD5 hash, I know it's not secure if unsalted as there are tons of hash comparison sites, but it goes a long way...
|
|
|
1 members (Ruben),
1,793
guests, and
97
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|