how is a password sent with PasswordRecovery?

Discussion in 'ASP .Net' started by Ben, Apr 20, 2007.

  1. Ben

    Ben Guest

    Hi,

    when a password is sent to the user via email with the PasswordRecovery
    control, is it sent in "clear" even if the password is hashed or encrypted?

    Thanks
    Ben
    Ben, Apr 20, 2007
    #1
    1. Advertising

  2. You can only use this if you have stored your passwords with the cleartext
    option. Otherwise, normally only a hash is stored, and so you would need to
    generate a new password for the user and email that to them.
    Peter

    --
    Site: http://www.eggheadcafe.com
    UnBlog: http://petesbloggerama.blogspot.com
    Short urls & more: http://ittyurl.net




    "Ben" wrote:

    > Hi,
    >
    > when a password is sent to the user via email with the PasswordRecovery
    > control, is it sent in "clear" even if the password is hashed or encrypted?
    >
    > Thanks
    > Ben
    >
    >
    >
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=, Apr 20, 2007
    #2
    1. Advertising

  3. Ben

    Ben Guest

    Thanks for replying.
    May i ask this:
    1) The new generated hashed password sent to the mailadrress, is it sent in
    "clear"?
    2) if the passwordformat is encrypted, no passwordrecovery is then possible
    or a new one must be generated ?

    Thanks

    "Peter Bromberg [C# MVP]" <> schreef in
    bericht news:...
    > You can only use this if you have stored your passwords with the cleartext
    > option. Otherwise, normally only a hash is stored, and so you would need
    > to
    > generate a new password for the user and email that to them.
    > Peter
    >
    > --
    > Site: http://www.eggheadcafe.com
    > UnBlog: http://petesbloggerama.blogspot.com
    > Short urls & more: http://ittyurl.net
    >
    >
    >
    >
    > "Ben" wrote:
    >
    >> Hi,
    >>
    >> when a password is sent to the user via email with the PasswordRecovery
    >> control, is it sent in "clear" even if the password is hashed or
    >> encrypted?
    >>
    >> Thanks
    >> Ben
    >>
    >>
    >>
    Ben, Apr 20, 2007
    #3
  4. Ben

    Ben Guest

    Thanks.
    The answer is:
    1) yes
    2) clear or encrypted: can be sent (both as cleartext); hashed: must be
    reset (new pw).


    "Ben" <> schreef in bericht
    news:%...
    > Thanks for replying.
    > May i ask this:
    > 1) The new generated hashed password sent to the mailadrress, is it sent
    > in "clear"?
    > 2) if the passwordformat is encrypted, no passwordrecovery is then
    > possible or a new one must be generated ?
    >
    > Thanks
    >
    > "Peter Bromberg [C# MVP]" <> schreef in
    > bericht news:...
    >> You can only use this if you have stored your passwords with the
    >> cleartext
    >> option. Otherwise, normally only a hash is stored, and so you would need
    >> to
    >> generate a new password for the user and email that to them.
    >> Peter
    >>
    >> --
    >> Site: http://www.eggheadcafe.com
    >> UnBlog: http://petesbloggerama.blogspot.com
    >> Short urls & more: http://ittyurl.net
    >>
    >>
    >>
    >>
    >> "Ben" wrote:
    >>
    >>> Hi,
    >>>
    >>> when a password is sent to the user via email with the PasswordRecovery
    >>> control, is it sent in "clear" even if the password is hashed or
    >>> encrypted?
    >>>
    >>> Thanks
    >>> Ben
    >>>
    >>>
    >>>

    >
    >
    Ben, Apr 20, 2007
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?am1obWFpbmU=?=

    PasswordRecovery Control - Control Random Password Characters

    =?Utf-8?B?am1obWFpbmU=?=, Dec 31, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    778
    rodean
    Feb 15, 2008
  2. Homer
    Replies:
    2
    Views:
    377
    Homer
    Aug 8, 2007
  3. Ghistos
    Replies:
    4
    Views:
    422
    JackPot
    Jul 29, 2008
  4. AAaron123
    Replies:
    2
    Views:
    2,090
    AAaron123
    Jan 16, 2009
  5. Jonathan Woodward

    PasswordRecovery Control, Limiting Random Password to Alphanumeric

    Jonathan Woodward, Apr 27, 2006, in forum: ASP .Net Web Controls
    Replies:
    0
    Views:
    186
    Jonathan Woodward
    Apr 27, 2006
Loading...

Share This Page