[pmwiki-users] Find out which passwords are set
Mike
mike at widowitz.com
Sun Oct 4 04:15:32 CDT 2009
Ok, thank you.
Mike
Petko Yotov wrote on 25.09.2009 22:30:
> On Friday 25 September 2009 16:42:24 Mike wrote:
>> Hello everyone,
>
> Hello!
>
>> Now I have a particular page which I want to be available to all users
>> of the @readers group, as well as to anyone who know one of four passwords.
>>
>> So I set the read attribute to
>> @readers pw1 pw2 pw3 pw4
>>
>> Now unfortunately, if after 4 months I come back and forgot which
>> passwords I distributed, I cannot determine this anymore. All I see is
>> @readers *** *** *** ***.
>>
>> Would there be any way to find out in a way as convenient as possible,
>> which passwords have been set for which page?
>
> No, the page does not store the real passwords, but one-way encoded hashes --
> it can verify that the user knows the real password, but cannot decode back
> the password from the hash.
>
> It's a security measure, to prevent an attacker who managed to get the disk
> files to learn your real passwords.
>
>> In particular, the problem arises when I want to distribute one more
>> password but maybe forget one of the older ones: it then becomes
>> unusable which I did not want to achieve.
>
> If you disable a password because you don't remember it, the people who use it
> will call you, and you can fix it at that time. You can leave them a message
> not to panic, on your page [[Site.AuthForm]], it will appear on the login
> form.
>
> Thanks,
> Petko
>
More information about the pmwiki-users
mailing list