Go Back   Computer Forums > Welcome To Computer Forums .org > Social Lounge | Off Topic
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 01-25-2008, 03:17 PM   #11
j03
~~~~~~~~
 
Join Date: Jan 2005
Location: Wales
Posts: 5,556
Send a message via MSN to j03
Default Re: How safe?

Well, your password isn't stored on the server at all, so you've secure from that sense. When you register, your password is stored like this

You enter your password > Server makes an MD5 Hash of your password (an irreversible encryption) > Password is stored in an mySQL Database.

When you login, it re-encrypts the password, and compares the hash in the database with the hash of the password the user entered.

A hacker could reset your password somehow, but not read your password (Unless he acquired the hash, and used somthing like the "hash dictionary" at milw0rm.com). So if you wanted to be as secure as possible, you should use a password with 12+ characters, and a combo of Text, Numbers and Symbols.
__________________

j03 is offline   Reply With Quote
Old 01-25-2008, 03:28 PM   #12
Golden Master
 
Kage's Avatar
 
Join Date: Nov 2004
Posts: 13,873
Send a message via MSN to Kage
Default Re: How safe?

Yep, each passoword now is random of letters (lower case and upper case), numbers, and symbols, and well above 12
__________________

__________________
Abit IP35 Pro / Q6600 G0 / Zalman 9700 / 8800GTS 640mb / 4x 2GB Corsair XMS / X-FI Xtreme M / 1x 1TB / Antec 900 / Logitech Z-5500 / Samsung 20inch
Kage is offline   Reply With Quote
Old 01-25-2008, 05:53 PM   #13
Site Team
 
David Lindon's Avatar
 
Join Date: Dec 2002
Posts: 15,233
Default Re: How safe?

Quote:
Originally Posted by J03 View Post
Well, your password isn't stored on the server at all, so you've secure from that sense. When you register, your password is stored like this

You enter your password > Server makes an MD5 Hash of your password (an irreversible encryption) > Password is stored in an mySQL Database.

When you login, it re-encrypts the password, and compares the hash in the database with the hash of the password the user entered.
Thats pretty much it, they can't 'extract' your password, only reset it
__________________
[url=http://www.LNXPS.NET]LNXPS.NET - The XPS Library]
David Lindon is offline   Reply With Quote
Old 01-26-2008, 04:29 AM   #14
Golden Master
 
Kage's Avatar
 
Join Date: Nov 2004
Posts: 13,873
Send a message via MSN to Kage
Default Re: How safe?

So, if they do this reset, would it go to your e-mail, like as an automati?....No, but that'd make no sense, and mine was reset like 4 times, because thats how many I had in my inbox, one after the other.

Oh well... I guess on this occassion, they did somehow get my password. I have no spyware/keyloggers I don't believe either.
__________________

__________________
Abit IP35 Pro / Q6600 G0 / Zalman 9700 / 8800GTS 640mb / 4x 2GB Corsair XMS / X-FI Xtreme M / 1x 1TB / Antec 900 / Logitech Z-5500 / Samsung 20inch
Kage is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 12:23 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0