How safe?

Well, your password isn't stored on the server at all, so you've secure from that sense. When you register, your password is stored like this

You enter your password > Server makes an MD5 Hash of your password (an irreversible encryption) > Password is stored in an mySQL Database.

When you login, it re-encrypts the password, and compares the hash in the database with the hash of the password the user entered.

A hacker could reset your password somehow, but not read your password (Unless he acquired the hash, and used somthing like the "hash dictionary" at milw0rm.com). So if you wanted to be as secure as possible, you should use a password with 12+ characters, and a combo of Text, Numbers and Symbols.
 
Yep, each passoword now is random of letters (lower case and upper case), numbers, and symbols, and well above 12 :p
 
Well, your password isn't stored on the server at all, so you've secure from that sense. When you register, your password is stored like this

You enter your password > Server makes an MD5 Hash of your password (an irreversible encryption) > Password is stored in an mySQL Database.

When you login, it re-encrypts the password, and compares the hash in the database with the hash of the password the user entered.

Thats pretty much it, they can't 'extract' your password, only reset it
 
So, if they do this reset, would it go to your e-mail, like as an automati?....No, but that'd make no sense, and mine was reset like 4 times, because thats how many I had in my inbox, one after the other.

Oh well... I guess on this occassion, they did somehow get my password. I have no spyware/keyloggers I don't believe either.
 
Back
Top Bottom