Security schemes for Players
Richard Gaskin
ambassador at fourthworld.com
Mon Oct 4 13:21:25 EDT 2004
Alejandro Tejada wrote:
>>1) ask for a username/pass combo so we know it's a
>>'good' teacher
>
> How could i prepare in case some teacher pass
> or lost their password?
You may find it even more secure to store no passwords at all on your
server, only an MD5 digest of them. The upside to this approach is that
it provides stronger protection for your teacher's passwords -- most
folks use only a few passwords for everything in their lives, but even
if someone breaks into your server and steals all the data there will be
no passwords there. :)
The downside is that there's no way to send a password to a teacher.
But increasingly many systems designers aren't sending passwords anyway,
but merely resetting the password, which you could do as well with an
MD5-based scheme.
--
Richard Gaskin
Fourth World Media Corporation
___________________________________________________________
Ambassador at FourthWorld.com http://www.FourthWorld.com
More information about the metacard
mailing list