Comments on: Creating an Advanced Password Recovery Utility

By: Ernährungsplan

Ernährungsplan — Thu, 30 Jul 2009 03:01:32 +0000

Nive tut, thanks! A little to big, but nicely made.

By: Adam

Adam — Sun, 07 Jun 2009 21:19:01 +0000

Very useful! Thank you ever so much.

By: insomniac

insomniac — Tue, 19 May 2009 06:54:16 +0000

…and now the song goes “omg! unencrypted passwords!? kill kill! blah blah…”

This tutorial is good overall, it makes you start to think (using your brain, that is). but if you do not think, or you are not used to think (don’t use your brain) i.e. doing copy-paste, then this website is not for you.

It is in no case full password recovery functionality, and should be only a good start for YOU (using your brain here) to create the business logic and to polish the code here and there.

A good work anyway.

By: Marcus Krause

Marcus Krause — Tue, 12 May 2009 01:58:48 +0000

Reading “encryption” together with md5 made me stop in the 3rd paragraph. Sorry buddy, md5 is about hashing!

By the way, foo#bar@example.org would be a valid mail adress but this site’s comment functionality rejects it.

By: Tom Cameron

Tom Cameron — Sun, 10 May 2009 13:23:38 +0000

Eugh. Unencrypted passwords?!

NetTuts — you really need to edit articles that mention things like this; the idea that even now people would store a plain-text password without any form of encryption is a bit disturbing. I certainly hope that I don’t come across any sites that follow tutorials which leave my password in plain-text for the administrator (or any wannabee hacker) to view!

By: Kyle

Kyle — Fri, 08 May 2009 19:05:21 +0000

You should *never* be storing unencrypted passwords. The fact that this tutorial even presents unencrypted passwords as a viable option is flabbergasting.

You should be completely discouraging people from storing unencrypted passwords. If you don’t understand how to encrypt passwords, you’re not ready to handle user membership.

By: jermaine

jermaine — Fri, 08 May 2009 18:39:00 +0000

nice tutorial, i just got a quick galnced at it looks good but im not skilled enougth to understand it so i will save it somewhere and come back to it sometime,

By: saurabh shah

saurabh shah — Thu, 07 May 2009 19:32:26 +0000

wow ! it’s a gr8 post .. gonna try this now … thanx for sharing … and yes keep rocking like this ….

By: patqo

patqo — Thu, 07 May 2009 13:44:42 +0000

where’s the images?? (cry)

By: Dav

Dav — Thu, 07 May 2009 13:37:44 +0000

Ok, if it is auto-generated and sent to your email what happens when a malicious user knows both your username and email and keeps requesting a lost password? You end up having to sift through your emails to find out what your password is, at least the way it’s implemented above you don’t have to worry about your password changing without your notice.