I have used Hibernate in my application. I have a login page where the user enters credentials, which are validated against the DB. Now, if a user forgets their password, I have provided a "forgot password" link which redirects to a web page that takes the user's email id as input; control is then passed to a servlet, where I want to fetch that user's password from the database. What should I use for it? I think I cannot use a ResultSet, as I want only one password at a time to be fetched from the database and sent in an email to the user.
Resultsets can return any number of records, 0, 1 or many.
But more importantly, you should never send passwords by email. In fact, that should not even be possible: the proper way to store passwords is hashed (maybe using SHA-256), so nobody (including the server-side code) can get at them.
I am storing encrypted password values in the database, and I was thinking of sending the decrypted value by email if somebody forgets their password. Is this not okay? If not, then:
If I do the reset password, I will allow the user to reset their password by e-mailing them a link to reset the password, where I will use a session value to update the password in the database with the new password that the user inputs? Am I right?
Tim is correct, it should not be possible to decrypt the password, nor is it recommended to send it over e-mail. You store the encrypted (salted) hash of the password in the db, and compare this against any requests to login.
Using a URL/temp password for password reset is much more common provided you make sure that:
- It expires if not used within a relatively small time frame (one hour or one day)
- It can only be used once and then never again
You shouldn't replace the user's password in the database with the temp one, though, as it may not have been the user that requested the reset. It should be in a separate table/column.
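The expiring, single-use reset token kept apart from the stored password hash, as this answer describes, worked through as an added example (not code from the original post). It assumes in-memory dicts standing in for the users and reset-token tables and PBKDF2-HMAC-SHA256 as the salted hash; the names `register`, `issue_reset_token` and `reset_password` are hypothetical.

```python
import hashlib, hmac, os, secrets, time

# Constructed stand-ins for the users table and a separate reset-token table
# (a Hibernate app would map these to entities instead).
USERS = {}          # email -> {"salt": bytes, "hash": bytes}
RESET_TOKENS = {}   # sha256(token) hex -> {"email": str, "expires": float, "used": bool}
TOKEN_TTL_SECONDS = 3600  # one hour, as suggested above

def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; only salt and digest are ever stored."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

def register(email, password):
    salt, digest = hash_password(password)
    USERS[email] = {"salt": salt, "hash": digest}

def verify_login(email, password):
    user = USERS.get(email)
    if user is None:
        return False
    _, digest = hash_password(password, user["salt"])
    return hmac.compare_digest(digest, user["hash"])   # constant-time compare

def issue_reset_token(email, now=None):
    """Return the raw token for the e-mailed link; store only its hash.
    The stored password stays untouched, so an unsolicited request changes nothing."""
    if email not in USERS:
        return None   # the caller should still answer identically to avoid user enumeration
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    key = hashlib.sha256(token.encode()).hexdigest()
    RESET_TOKENS[key] = {"email": email, "expires": now + TOKEN_TTL_SECONDS, "used": False}
    return token

def reset_password(token, new_password, now=None):
    """Consume the token: it must exist, be unexpired and be unused."""
    now = time.time() if now is None else now
    key = hashlib.sha256(token.encode()).hexdigest()
    rec = RESET_TOKENS.get(key)
    if rec is None or rec["used"] or now > rec["expires"]:
        return False
    rec["used"] = True                      # single use, never again
    register(rec["email"], new_password)    # replace the hash, not the plaintext
    return True
```

Because only the token's hash is stored, a leaked reset-token table does not let anyone complete a reset; the raw token exists only in the e-mailed link.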
Certain components of a software system are so critical that not applying best development practices in those areas can slam a company with shockingly high legal, financial, customer, organizational and business costs - and all that slamming together at the same time!
Storing passwords in plaintext and mailing them to customers is such a basic security mistake and has caused so many data breaches that it's not even funny now in 2015.
How would you feel if your bank sent you an email today stating that your savings account details, password and CVV may be compromised, and that you should check for any unauthorized transactions? Would you continue keeping your money in such a bank?
Guess whom management blames when (and in 2015, it really has become a case of when, not if) data breaches occur?
This is not just another programming problem to be solved by googling and copy pasting some code snippets from the Internet.
This is one of those situations where a company's management may not realize the criticality of the problem, or may have simply assumed that their development team will do the right thing.
So as a software engineer with a code of ethics, it's up to you to step up and do the right thing the right way.
In my opinion, you should stop the coding, talk to your managers about the criticality of this area, upgrade your knowledge by yourself or with company sponsored training (preferably the latter), and only then come back to the coding.
Here are a few resources that will help. Don't skip reading the long form articles.
I didn't check your reply until now, but I already moved on to the part where I am saving encrypted passwords and sending a password reset link to the user (not copy-pasted, I tried to do it myself), but I am not able to send a link via mail; trying to work on that now. And I will read all the links you have posted. Thanks for the effort. It is much appreciated. :-)