|
Have +5 for Monday!
For the kind of lob apps I write, it is mandatory that the system is able to recall passwords for end users. The passwords are simply encrypted in the database. I don't believe this practice to be a security risk...besides, we aren't protecting sensitive data.
"Go forth into the source" - Neal Morse
"Hope is contagious"
|
|
|
|
|
If you can decrypt the passwords, so can the hackers. It is safer to store the hash.
If you think 'goto' is evil, try writing an Assembly program without JMP.
|
|
|
|
|
kmoorevs wrote: I don't believe this practice to be a security risk
Well, maybe not in terms of your app, but considering people aren't always careful about using different passwords across different platforms, it might be an external security risk. i.e. if user jdoe42 has password "hello world" in your app, chances are its "hello world" for his gmail, facebook, twitter, bank, yadda yadda yadda ...
Keep Calm and Carry On
|
|
|
|
|
I think recalling passwords for users is simply wrong.
It exposes a vector of attack, and if attacked, their passwords are then known.
I cannot think of a good reason to store someone's password. If they need a new one,
let them generate it via an email link, etc.
But the number of times a site has emailed me "Thanks for signing up... Remember your password is: abc123",
and I am thinking to myself...WHY? I usually go and delete the account...
Super Long passwords, and a password manager. Done.
|
|
|
|
|
Net engendered gentleman's affairs (13)
|
|
|
|
|
|
YAUT
|
|
|
|
|
Why affairs Greg ?
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
An entanglement can refer to a romantic affair.
|
|
|
|
|
Ok
Your not going to sell many books at this price
Robust Communications Software
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
modified 5-Apr-22 6:01am.
|
|
|
|
|
|
Are we on midday CCC ?
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
The North American colony is rebelling once again. Looks like the Canadian loyalists have captured the flag.
|
|
|
|
|
I'll take that as a yes
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
Stars are still out and no coffee yet. Who could be in a puzzle solving frame of mind?
|
|
|
|
|
What does the stars' visibility have to do with it?
No coffee; however...
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Canadia doesn't work to human schedules ...
@GregUtas
Where's the CCC?
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
What does CCC stand for. Codeproject Comment Committee?
|
|
|
|
|
I believe it stands for: Cryptic Crossword Clue
It's a cryptic crossword solving game played by some CP members on weekdays. I think the "official" full name of the game is: WSO CCC OTD, which stands for "Winner Stays On Cryptic Crossword Clue Of The Day".
The rules of the game can be found near the bottom of OriginalGriff's CP profile.
|
|
|
|
|
I had some help, but I got the Arduino Framework running under PlatformIO with the ESP32-S3 that's still not in mass production yet, meaning i can adopt it early and start writing code for it.
I've been waiting for this. I've had an S3 collecting dust on the shelf since last December or so. I'm thrilled to be able to unbox it finally.
To err is human. Fortune favors the monsters.
|
|
|
|
|
Wordle 289 5/6
⬜⬜⬜⬜⬜
⬜🟨⬜⬜⬜
🟩🟨⬜🟨⬜
🟩🟩🟩⬜🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Was a close call today.
Wordle 289 6/6
🟨⬜⬜⬜⬜
⬜⬜⬜🟨⬜
⬜🟨⬜⬜⬜
⬜🟨🟩⬜⬜
🟩🟩🟩⬜🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Wordle 289 5/6
⬜⬜🟩⬜⬜
⬜🟨🟩🟨⬜
⬜⬜🟩🟨🟨
🟩🟨🟩⬜⬜
🟩🟩🟩🟩🟩
|
|
|
|
|
Not an easy one:
Wordle 289 5/6
⬜🟨⬜🟨⬜
🟨⬜🟩⬜🟨
⬜🟨🟩🟨⬜
🟩🟨🟩⬜⬜
🟩🟩🟩🟩🟩
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
5/6
⬜🟨⬜🟨⬜
🟨⬜⬜⬜⬜
⬜🟩⬜⬜⬜
🟩🟩🟩🟨⬜
🟩🟩🟩🟩🟩
That's a damn difficult word to get.
GCS/GE d--(d) s-/+ a C+++ U+++ P-- L+@ E-- W+++ N+ o+ K- w+++ O? M-- V? PS+ PE Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
|
|
|
|