Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

asp:PasswordRecovery - show password on screen

Posted on 2011-02-10
3
Medium Priority
?
386 Views
Last Modified: 2012-05-11
Hi
I'm developing an intranet where a lot of users dont have an email address so i need to do a password recovery by asking them their security question, and then reveal the password on screen

Is this possible ?
I'm really after the code or a tutorial that shows how to do this
i've looked and all i can find are the standard tutorials that email the password

Thanks
0
Comment
Question by:websss
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 2

Expert Comment

by:Nicholas Ford
ID: 34871547
If they send the password via email, just change the script so that instead of sending the email it displays the result on the page.  Remember, the only way to show a users password again is if it's not stored in an encrypted format (i.e., MD5 hash).
0
 

Author Comment

by:websss
ID: 34871720
it's encrupted
I can see salt etc in the DB

so is my only option an email?
0
 
LVL 2

Accepted Solution

by:
Nicholas Ford earned 2000 total points
ID: 34873067
As it is encrypted, you can not feasibly retrieve the original email.  All you can do is take user input, hash it using the salt (using the same/original hashing function) and compare the resulting hash with what's stored in the database.

So for forgotten passwords you will need to have users reset their password after passing the security question.  You can do this either way (immediately on the page or by sending a link via email).  The best way would be considered to email the link so that it's more likely that the user is the one resetting the password.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question