Search found 3 matches

by Nuisance Value
Mon Sep 09, 2013 7:50 am
Forum: [3.x] Rejected RFCs
Topic: [RFC] Use password_hash
Replies: 14
Views: 48913

Re: [RFC] Use password_hash

Storing passwords in plain text or unhashed form is never going to be a core option. It might be an option to add some language on the registration page to say "Your password will be hashed and cannot be recovered, so keep it in a safe place." or something to that effect. English-speaking...
by Nuisance Value
Sat Sep 07, 2013 11:28 am
Forum: General Development Discussion
Topic: Preventing spam (Ref: remove broken captchas)
Replies: 4
Views: 7443

Re: Preventing spam (Ref: remove broken captchas)

Some questions also seem to have been broken... The one "On which planet do we live?", in French, is definitely broken. There is a limited number of default questions, so someone just has to go round a few board, write up the questions they see and include them in their bot's code... I had...
by Nuisance Value
Sat Sep 07, 2013 7:51 am
Forum: [3.x] Rejected RFCs
Topic: [RFC] Use password_hash
Replies: 14
Views: 48913

Re: [RFC] Use password_hash

Whichever is used, I think the users should be given the choice when registering: either they want their password hashed, or they want to save it it uft8, (or they want to smoke it). Users sometimes contact me asking for their password. I tell them how they can get a new one, but that is often not w...