VaultNetwork.net Vault Network Boards

VaultNetwork.net: Vault Network Boards | Boards

[VaultNetwork.net] Vault Network Boards » Archive » Outpost » Sinlock's board emails your password in plain text
Welcome, Guest - Login | Register | Search | Blogs | Board Rules/FAQ | Contact Mods
Author Topic: Sinlock's board emails your password in plain text [Locked]
Scarne  4 stars
Title: Capo di Scientifico
Posts: 1,087
Registered: 2001-7-23 15:24:34
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
Someone sound the metalface alert!

 

-----signature-----
E Pluribus Unum
Sinlock  2 stars
Title: Savior of the Camelot Outpost
Posts: 376
Registered: 2000-5-14 16:20:01
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
That must be only during registration. The form emails it to you like a savant, and doesn't store the plaintext in the DB or in any way it could be fetched by me or anyone else.

In the DB, passwords are hashed through MD5. I cannot read the plaintext. This is a 32 character string of gibberish looking characters that have no recognizable pattern to human eyes.

It *is* possible to brute force MD5 codes, given a particular MD5 value; however, if you make your password at least 10 characters long and include a special character, number, and/or one more more capitalized characters, the brute force time can take weeks/months/many years to crack.

On the modern internet it is not wise to have short passwords that are only lowercase letters for anything important.

If it bothers anyone that the email is sent with the password in plaintext, I could likely have the savant form strike that part out.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
paulg_68  4 stars
Posts: 2,469
Registered: 2009-7-27 18:45:54
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

 

-----signature-----
If you wish to make an apple pie from scratch...
http://www.youtube.com/watch?v=zSgiXGELjbc
"Everyone has a chance to become rich." - Groucho48
"Most of the human wealth on earth exists between the ears of live human beings." - theredkay1
Sinlock  2 stars
Title: Savior of the Camelot Outpost
Posts: 376
Registered: 2000-5-14 16:20:01
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
Meh - fixed. Registration confirmations no longer include plaintext passwords.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
Sinlock  2 stars
Title: Savior of the Camelot Outpost
Posts: 376
Registered: 2000-5-14 16:20:01
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.




I have been known to crack MD5 passwords; that said, if you keep it 10 characters (11 or even 12 is better) with at least one special character/number/cap letter, then it can take YEARS to brute force.

Rainbow tables are another matter. I haven't played with them much, but I understand they are very effective.

Just use unique passwords for sites and there would never be a problem here or anywhere.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM  4 stars
Posts: 1,007
Registered: 2004-3-2 09:08:11
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
Fix your create new account link.

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
Sinlock  2 stars
Title: Savior of the Camelot Outpost
Posts: 376
Registered: 2000-5-14 16:20:01
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
NuEM posted:
Fix your create new account link.



What's not working about it? We've had a ton of people register, and I just tried it - appears to be working fine.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM  4 stars
Posts: 1,007
Registered: 2004-3-2 09:08:11
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
When I click on create new account it just loads the main page again.

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
bstulic  3 stars
Posts: 761
Registered: 2002-7-26 04:55:00
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
Sinlock posted:
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.




I have been known to crack MD5 passwords; that said, if you keep it 10 characters (11 or even 12 is better) with at least one special character/number/cap letter, then it can take YEARS to brute force.

Rainbow tables are another matter. I haven't played with them much, but I understand they are very effective.

Just use unique passwords for sites and there would never be a problem here or anywhere.



Don't crack it, man. Just put code to save it in plain text in your private database

 

-----signature-----
http://gimpchimp.etilader.com/display.php?user=segro
http://img102.imageshack.us/my.php?image=killinguj9.gif
http://www.youtube.com/watch?vRzZuVqyAQI
Sinlock  2 stars
Title: Savior of the Camelot Outpost
Posts: 376
Registered: 2000-5-14 16:20:01
 Date Posted: 1/1/00 12:00am Subject: Sinlock's board emails your password in plain text
NuEM posted:
When I click on create new account it just loads the main page again.



I believe I know the issue and will PM you privately. Look for a message in about 45 seconds!

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
[VaultNetwork.net] Vault Network Boards » Archive » Outpost » Sinlock's board emails your password in plain text
69 Boards | 434,053 Messages (1 Today)
CoreBB Stable Pre-Release v1.4.0 | © 2005-2026 CoreBB

VaultNetwork.net is an independently operated community forum and is not affiliated with, endorsed by, or technically based on IGN, GameSpy, FilePlanet, GameStats, or the former IGN/GameSpy Vault Network.
References to VaultNetwork.net mean this site/domain. VNBoards-style presentation is a visual homage only. By using this site, you agree to the forum rules.