Goto Chockstone Home

  Guide
  Gallery
  Tech Tips
  Articles
  Reviews
  Dictionary
  Links
  Forum
  Search
  About

      Sponsored By
      ROCK
   HARDWARE

  Shop
Chockstone Photography
Australian Landscape Photography by Michael Boniwell
Australian Landscape Prints





Chockstone Forum - Chockstone Feedback

Provide Feedback About This Website

Author
Did you just email me my password in plain text?
stib
28-Jun-2018
1:42:11 PM
I just registered and got emailed my password in plain text. That means that the server is not storing my password encrypted, which means that the passwords of all the users are vulnerable to attack.

Maybe it's time to upgrade the forum software to something from this century.
Chockstone Moderator
28-Jun-2018
6:57:30 PM
On 28-Jun-2018 stib wrote:
>I just registered and got emailed my password in plain text. That means
>that the server is not storing my password encrypted, which means that
>the passwords of all the users are vulnerable to attack.
>
>Maybe it's time to upgrade the forum software to something from this century.

I will bring this post to the attention of Site Author.
In the meantime I think there is an option to change your password within your profile, accessed by clicking on that button from most pages of this site.

However it’s true that this site is operating on an antique platform, and I am not savvy enough about the technology to know if changing your password will solve the issue that you have brought to our attention.

Rupert
29-Jun-2018
10:14:08 AM
My memory (which may very well not be correct) is that Michael built/coded this site himself and that it was never an off-the-shelf product. I think overall it has held up very well.

Mike
29-Jun-2018
11:46:10 AM
Fear not. Passwords are encrypted within the database. As mentioned, changing the password sent to you by the system is a good idea.
PeterW
29-Jun-2018
1:37:43 PM
Mike, is there any chance of a tweak to the code to let "https:" be recognised automatically as a URL like "http:"?
(removed)
30-Jun-2018
2:03:49 PM
On 28-Jun-2018 stib wrote:
>I just registered and got emailed my password in plain text. That means
>that the server is not storing my password encrypted, which means that
>the passwords of all the users are vulnerable to attack.
>
>Maybe it's time to upgrade the forum software to something from this century.

Can still be encrypted within the database, it only means it's not one-way.

Otherwise correct. I think this site still has a future (see CragX thread) but it will need better software - both forum and social media integration. Happy to assist if there's interest.
PeterW
30-Jun-2018
3:38:49 PM
On 30-Jun-2018 FatBoy wrote:
>Can still be encrypted within the database, it only means it's not one-way.

It can be a one-way encryption if it's only held in plain text long enough to send the registration email!

There are 7 messages in this topic.

 

Home | Guide | Gallery | Tech Tips | Articles | Reviews | Dictionary | Forum | Links | About | Search
Chockstone Photography | Landscape Photography Australia | Australian Landscape Photography | Landscape Photos Australia

Please read the full disclaimer before using any information contained on these pages.



Australian Panoramic | Australian Coast | Australian Mountains | Australian Countryside | Australian Waterfalls | Australian Lakes | Australian Cities | Australian Macro | Australian Wildlife
Landscape Photo | Landscape Photography | Landscape Photography Australia | Fine Art Photography | Wilderness Photography | Nature Photo | Australian Landscape Photo | Stock Photography Australia | Landscape Photos | Panoramic Photos | Panoramic Photography Australia | Australian Landscape Photography | High Country Mountain Huts | Mothers Day Gifts | Gifts for Mothers Day | Mothers Day Gift Ideas | Ideas for Mothers Day | Wedding Gift Ideas | Christmas Gift Ideas | Fathers Day Gifts | Gifts for Fathers Day | Fathers Day Gift Ideas | Ideas for Fathers Day | Landscape Prints | Landscape Poster | Limited Edition Prints | Panoramic Photo | Buy Posters | Poster Prints