One of the more common Error Reports that you will receive in your email is the Dolphin Database Error Report.

You will see something like:

Debug backtrace

Followed by file locations, paths, and functions.

Oftentimes it does include your admin login name and admin password in MD5 encrypted format.

I have edited this but it will look something like this:
Request parameters:
    [verify] => 36cdf8b887a5cffc78dcd5c08991b993
    [adminID] => admin
    [adminPassword] => 36cdf8b887a5cffc78dcd5c08991b993

This kind of information you DO NOT want to post in a public forum such as the Boonex Unity Forums.

You are basically telling the entire world what your admin login name is and your password. Even though your password is MD5 encrypted there are a number of online sites that can and will decrypt this in a manner of seconds.

They won't be able to decrypt them all, but you really don't want to give anyone the opportunity just in case they can. Using some of the non standard characters (-_.($*@)[]) as part of your password will help quite a bit but nothing is really guaranteed.

So be sure you really look over what you are posting before doing so. It's best not to post this part or XXX them out if you are not sure.

For example this:
    [verify] => 36cdf8b887a5cffc78dcd5c08991b993
    [adminID] => admin                    <---Admin login name (admin)
    [adminPassword] => 36cdf8b887a5cffc78dcd5c08991b993    <---Admin password in MD5 encrypted format.

When decrypted at an online MD5 Decrypter this for example:
6131b2805ea86a6296fcdf200c5b19c0 = Dolphin

So I would now know that the login to this particular site would be:
Login: admin
Password: dolphin

I was looking at a few posts at Boonex Unity recently and did notice this in a few places that really shouldn't have been posted.

Most people I think are in a hurry for a quick fix and solution and just copy and paste it into the forum without even looking. Others probably don't realize that the big long MD5 encrypted string is actually their real password, and in some cases that it can be decrypted very easy.

So friendly reminder and tip...Don't post this kind of information in any public forum.

If you post this consider removing this part or XXX'ing them out maybe something like:
Request parameters:

Really there is no need to post this part of the Error Report at all.

If you have posted details that inluded this kind of information and/or your MD5 encrypted password consider changing your password at your earliest convenience.

In respect to the members who have joined your site you really shouldn't post any members MD5 encrypted passwords in a public forum like Boonex Unity or other as well.

Written By
Tutorial by: Jeremy LeSarge (AKA Ray)

I am the owner and administrator of DialMe.com. I write Tutorials for Boonex Dolphin as well as tips and resources surrounding website programming and development. I enjoy working with WordPress, SEO, and Web Hosting / Servers. I also maintain a WordPress Blog here on this site where you will find a variety of technology and webmaster resources.

Sponsored Links