mellowfish
No user record in our sample, but mellowfish has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
No user record in our sample, but mellowfish has activity below (stories or comments). Likely we have partial data — the full bulk-load will fill profiles in.
For login purposes, it is indeed good to use hashes, this prevents timing attacks and the like. But I fail to see the harm in keeping encrypted passwords for admin purposes. It is very helpful in certain situations.
Being able to send passwords back over email and/or view them as an admin does not mean they are stored in the DB in the clear. It is a fairly common practice to strongly encrypt passwords in the DB and decrypt them…