[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-help-public] [sr #107281] Verification of account email change

From: Sylvain Beucler
Subject: [Savannah-help-public] [sr #107281] Verification of account email changes is ineffective (try 2)
Date: Sat, 31 Jul 2010 14:57:52 +0000
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20100722 IceCat/3.6.7 (like Firefox/3.6.7)

Follow-up Comment #3, sr #107281 (project administration):

I'm reimplementing this particular function (user e-mail change verification)
in the next Savane.

Wrt predicatable identifiers, what about storing 2 random numbers in the DB,
one for confirmation and one for cancellation?

Other code tend to use MD5 and combine user information such as username,
etc., but I fail to see the increased security compared to a good old, plain
64 bits random number.


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]