SV650.org - SV650 & Gladius 650 Forum



Idle Banter For non SV and non bike related chat (and the odd bit of humour - but if any post isn't suitable it'll get deleted real quick).
There's also a "U" rating so please respect this. Newbies can also say "hello" here too.

Reply
 
Thread Tools
Old 06-10-09, 11:20 AM   #21
Kinvig
Guest
 
Posts: n/a
Default Re: *urgent* anyone else heard about the password leak?

[tech derail]


Quote:
Originally Posted by TSM View Post
the normal way is to hash the username & password together, well thats nix way from what i remember
Yup, I hash using either username or email address. It's the one time on a website that I'll use javascript for "core" functionality as I don't want an unhashed pwd gonig back & forth between server & client.

Quote:
Originally Posted by TSM View Post
i somtimes hash it with the IP address & session_id if i want a temporary password, many diffrent ways
passwords in DB are usualy not done with a master seed though, if you loose that then you are stuffed
You can't always rely on a client's browser maintaining 1 ip address for its session. Apps such as AOL seem to let the AOL browser use a roaming/floating ip address range - hence all the issues that you get with AOL users.

[/tech derail]
  Reply With Quote
Old 06-10-09, 11:23 AM   #22
TSM
The Sick Man
Mega Poster
 
TSM's Avatar
 
Join Date: Nov 2004
Location: Peckham.SE.LDN
Posts: 4,768
Default Re: *urgent* anyone else heard about the password leak?

Quote:
Originally Posted by Kinvig View Post
[tech derail]




Yup, I hash using either username or email address. It's the one time on a website that I'll use javascript for "core" functionality as I don't want an unhashed pwd gonig back & forth between server & client.



You can't always rely on a client's browser maintaining 1 ip address for its session. Apps such as AOL seem to let the AOL browser use a roaming/floating ip address range - hence all the issues that you get with AOL users.

[/tech derail]
This is true, but if you check for the proxy header, you should be able then able to change the hasing method. If all else fails, i usualy make it possable disable bind to ip.
__________________
OTR: KTM 690 Duke R 2015 Full Akro
SIDELINE: Kwak ZX636 A1P 2002, Red, R&G's, Yoshi, Double Bubble Screen
GONE: Kwak ZX-7R P1, Full Akro, Undertray, Screen
GONE: SV650S K2 Very Bruised & Without Fairing, Motovation Frame Sliders, R&G Ally Sprocket Toe Protector, HEL 2 Line Setup, GSXR K1 600 RWU Forks, Barnett Clutch & Springs, Penske 8981 Shock, Gilles Ti Rearsets, Steel Barends, Scottoiler, AFAM Chain & Sprockets, Twin FIAMM Horns, Skidmarx Bellypan, Full Micron Zeta Steel System, Cut down undertay.

Forum Problems & Information / Site Suggestions
TSM is offline   Reply With Quote
Old 06-10-09, 11:40 AM   #23
Owenski
Guest
 
Posts: n/a
Default Re: *urgent* anyone else heard about the password leak?

Quote:
Originally Posted by -KINGVIG-TSM View Post
Bla bla bla tech'y bolarx bla bla bla mind melted, now cream pie'd
lol, Im sure it made perfect sense to you guys but that totally went over my head rofl.
  Reply With Quote
Old 06-10-09, 12:42 PM   #24
Warthog
Guest
 
Posts: n/a
Default Re: *urgent* anyone else heard about the password leak?

Quote:
Originally Posted by TSM View Post
naa, ive confirmed its you, sure you remember who you are
I'm Spiderman aren't I?
  Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Have you ever heard of.... 14990 Idle Banter 28 16-08-08 01:02 PM
Anyone heard from Tara Pennine Massive 2 03-10-06 07:53 PM
Not oil leak - Petrol leak - double "Bugger"...! Potts SV Talk, Tuning & Tweaking 1 17-10-04 08:16 PM


All times are GMT. The time now is 08:14 AM.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.