error on EncryptedPasswords - Web Wiz Support and Community Forums

ok it works from the user side, but not admin side

Did you also set the blnEncryptedPasswords to False in the admin/common.asp?

One reason you might want to reconsider your decision to not use encryption is the total lack of concern for security by most users. If given the chance, users will use their most commonly used password for the forum. If they have the ability to set their own network password, they will use the same password for the forum. If their network password is exposed as plain text in a SQL or worse an Access table, the security of your network is easily compromised. If your forum can be touched by the public internet, you might as well just publish a list of network usernames and passwords. Assuming your forum has a magical firewall that blocks hackers from getting to your forum, the plaintext passwords are still accessible to the forum users.

There's just so little pain involved in using the encryption and so much pain involvded with a compromised database that not using encryption is such a serious consideration, that all security experts would try talk you out of it.

-boRg- this makes me think that maybe you should put some code in that will let end-users know that passwords are or are not encrypted. I feel pretty safe using one of my fairly typical passwords on a Web Wiz forum, but I guess I never even considered that there would be admins actually preferring plain text passwords. Now I wonder how many admins have made the change.

p.s. I'm not affiliated with Web Wiz Guide in any way. I'm just an average Web Wiz user repaying my debt for the use of their fine forum by trying to help other Web Wiz Guide users.