Encrypt New Account Password
| Encrypt New Account Password | |
|---|---|
| Summary | Removes the no surname count from the Top 100 Surnames in TNG 7.1.1 and above and in surnames and top surnames in TNG 7.1.0 |
| Validation | |
| Mod Updated | {{{mod_last_update}}} |
| Download link | encrypt_newacct_password_v1.0.zip |
| Download stats | |
| Author(s) | Sean Schwoere Config file by Ken Roy |
| Homepage | Encrypt New Account Password (This page) |
| Mod Support | TNG Community Forums |
| Contact Developer | |
| Latest Mod | 1.0 |
| Min TNG V | 7.0.0 |
| Max TNG V | 7.1.2 |
| Files modified | addnewacct.php admin/updateuser.php admin/edituser.php |
| Related Mods | None |
| Notes | If you encrypt the new account password, you will no longer be able to keep a list of users and passwords. The users will need to use the TNG password reset facility to change their password, if they forgot it. |
== Purpose of Mod ==
This mod encrypts the new account password from the start using md5 hashing so that it is no longer in the clear in your phpMyAdmin for Users who have not yet been approved.
The mod also removes the password from the email sent to the User when their account is approved.
Note that if you did not remove the password from the email, it would be an MD5 encrypted hash which would be very confusing for the registered user and could not be entered in the password field.
See the TNG Community Forum post for details on the mod.
Developer
Mod developer is Sean Schwoerer.
Requirements
- A working TNG installation. The automated installation release was initially tested at TNG Version 7.1.2.
- A backup of the following TNG files:
- addnewacct.php
- admin/updateuser.php
- admin/edituser.php
- An installed current version of the Mod Manager.
Automated Installation
Procedure:
- Download the encrypt_newacct_password_v1.0.zip
- Extract the downloaded file into the admin/mod_folder
- Follow the normal automated installation for Mod Manager, as shown in the example Mod Manager - Installing Config Files to install the encrypt_newacct_password_v1.0.cfg.
Manual Installation
The manual install instructions for this can be found in the TNG Community Forum post.
Visualization of this mod
Without this mod
|
The image on the right shows the admin/edituser notification email sent to the user without the mod installed where the password is shown in the clear in the email sent to the user when you authorize their User ID. |
 |
|
The image on the right shows the phpMyAdmin screen for the tng_users table without the mod installed where the password is shown in the clear. |
 |
With this mod installed
|
The image on the right shows the admin/edituser notification email sent to the user when the mod is installed where the password is no longer shown in the email sent to the user when you authorize their User ID. Note that if you did not remove the password from the email, it would be an MD5 encrypted hash as shown below in the image for phpMyAdmin. This password would be very confusing for the registered user and could not be entered in the password field. |
 |
|
The image on the right shows the phpMyAdmin screen for the tng_users table with a User Registration request before the mod installed where the password is shown in the clear and another User Registration request after the mod was installed where the password is now encrypted. |
 |
In the event of a problem
- Try using the Mod Manager Remove capability
- Or copy your backup file addnewacct.php to your TNG admin directory and your backup admin/updateuser.php and admin/edituser.php file to your TNG admin directory
