1 post • joined Tuesday 23rd September 2008 21:50 GMT
I don't think you get the concept.
1. DO NOT store plaintext passwords in a database.
2. DO NOT store the information required to verify passwords in the same database as the passwords.
3. If a user forgets a password, generate a new one and send it to them.
- Xmas Round-up Ten top tech toys to interface with a techie’s Christmas stocking
- Google embiggens its fat vid pipe Chromecast with TEN new supported apps
- Microsoft: Don't listen to 4chan ... especially the bit about bricking Xbox Ones
- Shivering boffins nail Earth's coldest spot
- Thought your Android phone was locked? THINK AGAIN