|MOVED TOPIC: MD5 encrypted passwords...
|Page 1 of 1|
|Author:||Guest [ 10 Oct 2004, 11:12 ]|
|Post subject:||MOVED TOPIC: MD5 encrypted passwords...|
hi Mario and Joy
I did also appreciate the script. I am also looking for logout possibilities and will give the proposed ones a try.
The only question I've got left is about the safety.
My webserver doesn't permit anonymous login but users could try to unravel the name of my textfile (although they should try manyy times).
I ever heard aboyt md5hash , how is it possible to encrypt the passfile with md5hash?
|Author:||mvaldez [ 11 Oct 2004, 13:05 ]|
|Post subject:||Good idea... now implemented.|
> The only question I've got left is about the safety.
> My webserver doesn't permit anonymous login but
> users could try to unravel the name of my textfile
> (although they should try manyy times). I ever heard
> aboyt md5hash , how is it possible to encrypt the
> passfile with md5hash?
Hi. The script doesn't include MD5 hashes because it was designed for simplicity. The idea was that the password file could be changed with a simple text editor without extra software. Most users from non-Unix/Linux platforms doesn't have MD5 or SHA1 hash generators, so I discarded the idea.
But I can see your concern. I have just released version 1.0.2 with support for MD5 hashed (sort-of encrypted) password.
There is now an option in the slogin_lib.inc.php file named slogin_usehashes. Just set it to 1 and change the passwords in the users file to their MD5 hashes. So now, for example, the default "admin" password become 21232f297a57a5a743894a0e4a801fc3.
The help you in this step, there is a new script file named slogin_genpass.php where you can enter the plain text password and it will return the MD5 hash.
Mario A. Valdez-Ramirez.
|Page 1 of 1||All times are UTC - 7 hours|
|Powered by phpBB® Forum Software © phpBB Group