«

Hi,

when a password is sent to the user via email with the PasswordRecovery
control, is it sent in "clear" even if the password is hashed or encrypted?

Thanks
Ben

You can only use this if you have stored your passwords with the cleartext
option. Otherwise, normally only a hash is stored, and so you would need to
generate a new password for the user and email that to them.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net




"Ben" wrote:

> Hi,
>
> when a password is sent to the user via email with the PasswordRecovery
> control, is it sent in "clear" even if the password is hashed or encrypted?
>
> Thanks
> Ben
>
>
>

Thanks for replying.
May i ask this:
1) The new generated hashed password sent to the mailadrress, is it sent in
"clear"?
2) if the passwordformat is encrypted, no passwordrecovery is then possible
or a new one must be generated ?

Thanks

"Peter Bromberg [C# MVP]" <> schreef in
bericht news:9567EA8C-1641-49F5-9B9C-...
> You can only use this if you have stored your passwords with the cleartext
> option. Otherwise, normally only a hash is stored, and so you would need
> to
> generate a new password for the user and email that to them.
> Peter
>
> --
> Site: http://www.eggheadcafe.com
> UnBlog: http://petesbloggerama.blogspot.com
> Short urls & more: http://ittyurl.net
>
>
>
>
> "Ben" wrote:
>
>> Hi,
>>
>> when a password is sent to the user via email with the PasswordRecovery
>> control, is it sent in "clear" even if the password is hashed or
>> encrypted?
>>
>> Thanks
>> Ben
>>
>>
>>

Thanks.
The answer is:
1) yes
2) clear or encrypted: can be sent (both as cleartext); hashed: must be
reset (new pw).


"Ben" <> schreef in bericht
news:%...
> Thanks for replying.
> May i ask this:
> 1) The new generated hashed password sent to the mailadrress, is it sent
> in "clear"?
> 2) if the passwordformat is encrypted, no passwordrecovery is then
> possible or a new one must be generated ?
>
> Thanks
>
> "Peter Bromberg [C# MVP]" <> schreef in
> bericht news:9567EA8C-1641-49F5-9B9C-...
>> You can only use this if you have stored your passwords with the
>> cleartext
>> option. Otherwise, normally only a hash is stored, and so you would need
>> to
>> generate a new password for the user and email that to them.
>> Peter
>>
>> --
>> Site: http://www.eggheadcafe.com
>> UnBlog: http://petesbloggerama.blogspot.com
>> Short urls & more: http://ittyurl.net
>>
>>
>>
>>
>> "Ben" wrote:
>>
>>> Hi,
>>>
>>> when a password is sent to the user via email with the PasswordRecovery
>>> control, is it sent in "clear" even if the password is hashed or
>>> encrypted?
>>>
>>> Thanks
>>> Ben
>>>
>>>
>>>
>
>