Solved

asp:PasswordRecovery - show password on screen

Posted on 2011-02-10
3
379 Views
Last Modified: 2012-05-11
Hi
I'm developing an intranet where a lot of users dont have an email address so i need to do a password recovery by asking them their security question, and then reveal the password on screen

Is this possible ?
I'm really after the code or a tutorial that shows how to do this
i've looked and all i can find are the standard tutorials that email the password

Thanks
0
Comment
Question by:websss
  • 2
3 Comments
 
LVL 2

Expert Comment

by:ndford005
ID: 34871547
If they send the password via email, just change the script so that instead of sending the email it displays the result on the page.  Remember, the only way to show a users password again is if it's not stored in an encrypted format (i.e., MD5 hash).
0
 

Author Comment

by:websss
ID: 34871720
it's encrupted
I can see salt etc in the DB

so is my only option an email?
0
 
LVL 2

Accepted Solution

by:
ndford005 earned 500 total points
ID: 34873067
As it is encrypted, you can not feasibly retrieve the original email.  All you can do is take user input, hash it using the salt (using the same/original hashing function) and compare the resulting hash with what's stored in the database.

So for forgotten passwords you will need to have users reset their password after passing the security question.  You can do this either way (immediately on the page or by sending a link via email).  The best way would be considered to email the link so that it's more likely that the user is the one resetting the password.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now