How disabled the crypted password?
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=4174
Printed Date: 02 April 2026 at 4:56am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: How disabled the crypted password?
Posted By: Samsp
Subject: How disabled the crypted password?
Date Posted: 10 July 2003 at 4:08am
|
hello I would like simple password (not crypted) How can I do that? thx u very much! |
Replies:
Posted By: WebWiz-Bruce
Date Posted: 10 July 2003 at 4:12am
|
That would not be easy and would require many of the pages to be re-written, the main ones will be the registration page, the login page and the common.asp files. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: edgard
Date Posted: 10 July 2003 at 5:50am
|
and if someone forgets its password, it would be nice to send him again by e-mail, instead of sending a new one ... is it easier -boRg- |
Posted By: ljamal
Date Posted: 10 July 2003 at 8:32am
|
The easiest way to do it is to go change the following functions in the functions_hash1way.asp files (in the functions folder) to:
Function getSalt(intLen) getSalt = "" End Function Function HashEncode(strSecret) HashEncode = strSecret End Function These are the main functions involved in the encryption process and this disables them. You might want to try it out on a test forum first because there may be more function edits that you may need. ------------- L. Jamal Walton http://www.ljamal.com/" rel="nofollow - L. Jamal Inc : Web/ Print Design and ASP Programming |
Posted By: xeerex
Date Posted: 10 July 2003 at 8:36am
|
============= and if someone forgets its password, it would be nice to send him again by e-mail, instead of sending a new one ============= Why can't someone just click the "forgotten password" link? ------------- http://webspacegeeks.com - Need Hosting, Domains, Dedicated Servers? http://www.smartergeek.com - web design | pc support | training | podcasts | video production |
Posted By: ljamal
Date Posted: 10 July 2003 at 8:38am
|
because the forgotten password link in version 7.01 generates a new password. ------------- L. Jamal Walton http://www.ljamal.com/" rel="nofollow - L. Jamal Inc : Web/ Print Design and ASP Programming |
Posted By: xeerex
Date Posted: 10 July 2003 at 8:43am
|
I know---so the user logs back in and changes the password to something they can remember? I'm not arguing the point of disabling the encryption if that is what someone wants on their forum... ------------- http://webspacegeeks.com - Need Hosting, Domains, Dedicated Servers? http://www.smartergeek.com - web design | pc support | training | podcasts | video production |
Posted By: ljamal
Date Posted: 10 July 2003 at 8:50am
|
If you know that then you realize that it opens it up for any one who knows your email to hange your password via the forgot password scripts. While you get the email, having someone changing your password once a day could be annoying and lessen the enjoyment of the forum for everyone.
You could make the arguement that the forum doesn't display your email address, but if you post your web site URL then your email address is only a couple clicks away. ------------- L. Jamal Walton http://www.ljamal.com/" rel="nofollow - L. Jamal Inc : Web/ Print Design and ASP Programming |
Posted By: edgard
Date Posted: 10 July 2003 at 11:26am
hi xeerex, i never said nobody can click on, i was thinking about recovering the password, not reseting and getting a new one, by clicking one the "forgotten password" link, sorry if i didn't explain clearly. So i ask again my question more clearly now : is it a way to send back the user password if he clicks on the forgotten password link, instead of reseting and sending a new one ? i hope i'm not boring with this question Edgard |
xeerex wrote:
) and it will leads to complications : topics of users who aren't aware they can change the new one, problems with stoic user who tries to remember the new password (and not a really esay one, as C2D33FE1 ... and don't forget this user already forget its own password ... i'm not so sure he will remember this one better 
Posted By: ljamal
Date Posted: 10 July 2003 at 11:45am
|
There is not a way with the encryption turned on. The encryption is a one way hash and can not be de-crypted easily.
Once you disable the encryption you would have to re-write the forgot password page so that it sends the current password rather than creating a new one. ------------- L. Jamal Walton http://www.ljamal.com/" rel="nofollow - L. Jamal Inc : Web/ Print Design and ASP Programming |
Posted By: edgard
Date Posted: 10 July 2003 at 2:48pm
|
Thank you ljamal ! i see, i *just* have to disable encryption with the code you gave in this thread ... i said *just* cause i'm not a coder myself, i'll ask to a friend of mine Untill someone release maybe a mod about it.
Edgard |
