本文介绍了当密码存储为哈希值时检索密码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Can users request that their password be emailed to themselves if the password is stored as a hash value?
Is there any way to convert a hash value to the clear text value with the proper information (& what information would you need)?
If a user has the same password hash value stored on two sites, would their password be the same for both sites?
解决方案
If you're only storing a hash of the password, then no. ...and you should only be storing a properly-salted hash of their password, anyway.
Password reset mechanisms are the proper alternative.
这篇关于当密码存储为哈希值时检索密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!