0
votes

For a website which stores passwords hashed with the password_hash php function, I was thinking of the following way to enable users to reset their passwords, but I did not know if it caused any security breach:

  1. User fills form with their email/username combination
  2. Form retrieves this user's hashed password and sends it by email
  3. User fills form with their hashed password, and their new password
  4. Database is updated with new password

This seems to ensure that only someone with access to the account owner's email could change the password

1
Why the hell would you send them the "encrypted" (it's hashed not encrypted) password? To what end?PeeHaa
Just make a form to set a new password it's a lot safer and easier to maintainSuperDJ
Hash the password! Hashing is a one way mechanism.Rotimi
I handle this situation with this method: When user click on forgot password, his username with a long random string save to database then an email is sent for him with a link. This link contains username and random string as query strings. Now he can select new password by following that link. That link goes to a file which validate query strings (which are saved in database) and lets the user to select a new password.ata

1 Answers

2
votes

Emailing the hashed password exposes this in plaintext over email. While a strong hashing function prevents brute-forcing, it is still susceptible to dictionary attacks and the like. So, if an attacker were to intercept the email they might be able to determine the password.

This is especially troublesome knowing that many users reuse passwords across different services. Also, such an email can remain in the users' mailbox for a long time. This means that the security risk could remain for years after the user successfully resets his/her password.

A much safer alternative is to use a one-time random token (which you will of course need to store somewhere in the database), ideally also limited in time: this ensures only the recipient of the email can reset the password while avoiding the risk mentioned above.