问题
i was thinking sending an email with the md5 password as token and check if the email+password are correct before showing the recover password form
1) user enters mail
2) if mail exists, send an email to with it with password as token
3) when user click to link: check if mail and md5 password are correct, if so:
4) show password generator form
-EDIT-
So how could be safer without adding any column to the user table?
回答1:
It's at least theoretically unsafe. See e.g. md5 decoding. How they do it? and MD5 security is fine?
But why do that in the first place? The following would be much more secure, and only marginally more difficult to implement:
- Generate a random key, e.g.
123456789abc - Store it in the user record
- Add the key to the URL
lookup.php?key=123456789abc - When the user clicks the URL, look up the key to find the correct E-Mail address.
- Once the operation has completed, delete the key.
Give the key a lifetime of, say, 24 hours so illegitimate requests fade away.
回答2:
I am rather sure, this is not a good idea: If this mail falls into wrong hands, it gives an attacker an offline vector against an MD5 - which means it gives him the password, if he is faster than the real user.
Use salting and a more calculation intensive process.
回答3:
If I understand correctly, and the MD5 hash of the password is only sent to that email address, then I think it's not that dangerous... It could be only if the email account has been compromised.
It's not the best practice, but I think the "email compromised" scenario is not of interest, since almost every method is "vulnerable" to that.
回答4:
you can use a random string instead of the md5'ed password. You only need to verify, that the person, who asks you to reset the password, also is the owner of the email address.
When you send out something that is related to the password (like a hash), than you give out a hint, that you don't need to give out. There are tables out there to do the reverse of a md5'hash and that can be used to guess the password.
Think of the random string as a session id.
回答5:
Maybe it would be better at least use the MD5 of something else since if the password is weak an attacker could use a dictionary to discover the password.
As others suggest it would be better to avoid this, and ideally generate a random token, store it somewhere, and send/verify it.
来源:https://stackoverflow.com/questions/9454949/how-unsafe-is-to-user-the-md5-password-as-token-in-the-recover-password-email