1 post • joined 23 Sep 2008
I don't think you get the concept.
1. DO NOT store plaintext passwords in a database.
2. DO NOT store the information required to verify passwords in the same database as the passwords.
3. If a user forgets a password, generate a new one and send it to them.
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- SOULLESS machine-intelligence ROBOT cars to hit Blighty in 2015
- BuzzGasm! Thirteen Astonishing True Facts You Never Knew About SCREWS
- Worstall on Wednesday YES, iPhones ARE getting slower with each new release of iOS
- Tor attack nodes RIPPED MASKS off users for 6 MONTHS