Password retrieval system

on 02.08.2006 09:08:07 by enjoywithneha

I wish to set up an automatic password recovery system on my website,
like the one most of the sites have nowadays. You need to enter your
mail-id as provided earlier or answer the secret question. Can anyone
please help me to understand exactly how it works and what are the
possible security threats involved?

Re: Password retrieval system

on 02.08.2006 15:00:06 by Doug McIntyre

enjoywithneha@yahoo.com writes:
>I wish to set up an automatic password recovery system on my website,
>like the one most of the sites have nowadays. You need to enter your
>mail-id as provided earlier or answer the secret question. Can anyone
>please help me to understand exactly how it works and what are the
>possible security threats involved?

The code gets the data out of the database and sends an email, or
verifies the response?

Security threats are that your info is probably in the database in the
clear, or at best, in some recoverable to clear-text format.

Re: Password retrieval system

on 03.08.2006 00:26:29 by unruh

enjoywithneha@yahoo.com writes:

>I wish to set up an automatic password recovery system on my website,
>like the one most of the sites have nowadays. You need to enter your
>mail-id as provided earlier or answer the secret question. Can anyone
>please help me to understand exactly how it works and what are the
>possible security threats involved?

The problem is that you need to keep a database of cleartext passwords on
your system. This makes it an ideal hacker target, since people often reuse
their passwords. Thus by grabbing your database, they will have a huge list
of people, their email addresses and their passwords probably to other
systems.
Passwords should always be one way, so that the customer can change their
password with appropriate permission from your system, but cannot be told
their password.

Re: Password retrieval system

on 03.08.2006 08:15:07 by lassi.hippelainen

Unruh wrote:
> enjoywithneha@yahoo.com writes:
>
>>I wish to set up an automatic password recovery system on my website,
>>like the one most of the sites have nowadays. You need to enter your
>>mail-id as provided earlier or answer the secret question. Can anyone
>>please help me to understand exactly how it works and what are the
>>possible security threats involved?
>
> The problem is that you need to keep a database of cleartext passwords on
> your system.

Luckily that isn't mandatory.

> Passwords should always be one way, so that the customer can change their
> password with appropriate permission from your system, but cannot be told
> their password.

You store only a hash of the password. When a user who has forgotten the
password requests a copy, you just generate a new random password, send
it to the user, and store the hash in the database. The user has the
option to change the random password to whatever s/he likes in the usual
manner.

-- Lassi

Re: Password retrieval system

on 03.08.2006 08:16:44 by kneofyte

enjoywithneha@yahoo.com wrote:
> I wish to set up an automatic password recovery system on my website,
> like the one most of the sites have nowadays. You need to enter your
> mail-id as provided earlier or answer the secret question. Can anyone
> please help me to understand exactly how it works and what are the
> possible security threats involved?
>
Never mail the original password to an email-id. The original password
should be stored as secured one-way hashes, preferably at least SHA-256
in your database/file. If a user has lost his/her password, make them
answer some question before mailing a random one-time password to their
email accounts.

-Neo
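The reset flow Lassi and Neo describe (store only a hash; on a reset request generate a random one-time password, store its hash, and force a change at next login), as an added example that is not code from any poster. It uses salted PBKDF2-HMAC-SHA256 rather than a bare SHA-256 digest, and the `UserStore` class, its field names and the one-hour expiry are assumptions for the illustration.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional, Tuple

ITERATIONS = 200_000  # PBKDF2 work factor; assumed value, tune for your hardware


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest); only these are stored, never the password itself."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)  # constant-time comparison


class UserStore:
    """Hypothetical in-memory user table keyed by e-mail address."""

    def __init__(self) -> None:
        self.users = {}

    def register(self, email: str, password: str) -> None:
        salt, digest = hash_password(password)
        self.users[email] = {"salt": salt, "digest": digest, "must_change": False, "expires": None}

    def reset(self, email: str, now: Optional[float] = None) -> Optional[str]:
        """Replace the stored hash with that of a fresh one-time password and return
        the plaintext exactly once, for mailing. The old password stops working."""
        now = time.time() if now is None else now
        record = self.users.get(email)
        if record is None:
            return None  # respond to the user identically either way: do not reveal whether the address exists
        otp = secrets.token_urlsafe(12)
        record["salt"], record["digest"] = hash_password(otp)
        record["must_change"] = True
        record["expires"] = now + 3600  # one-time password is short-lived
        return otp

    def login(self, email: str, password: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        record = self.users.get(email)
        if record is None or (record["expires"] is not None and now > record["expires"]):
            return "denied"
        if not verify_password(password, record["salt"], record["digest"]):
            return "denied"
        return "must_change" if record["must_change"] else "ok"

    def change_password(self, email: str, new_password: str) -> None:
        record = self.users[email]
        record["salt"], record["digest"] = hash_password(new_password)
        record["must_change"], record["expires"] = False, None
```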