Thread: User Passwords
View Single Post
  #5  
Old 17th May 2008, 16:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by flipkick
It will be a bad feature to keep plain passwords in mysql databases considering security issues. You'll have a big problem when someone hacks ALL secret password with a single exploit.

It's quite better to set the user a new password like the big hosting companies i know do it. A "lost password" function for the user would also make sense.
I second that.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote