Quote:
|
Originally Posted by RawAlex
Okay, here is my couple of cents worth on this:
In many security schemes, passwords are encoded - often the encoding scheme is one way. Past passwords are often stored (ENCODED, I might add) in a "past passwords" file. When you go to change your password, the new password you request is encoded and compared to the encoded items on the past password list. If there is a match (encode to encoded) they will decline the password.
There is no way to determine what that encoded password is, therefore no way to easily recover as password except to issue a new one.
Nice conspiracy theory, but sorry, common sense in programming and security says "fake drama" all over your thread.
Alex
|
Think again wise guy.
We already know the passwords are encrypted that doesn't explain why they had to be changed altho they still have the old hashes.