Enter your email address in the form below and click on 'Send code',
an we'll email you a random, secret, one-time code which you can use to
identify yourself to us, so that we can let you change your password
to a new one.
We can not email your password to you, because we do not store
any passwords as such. We calculate an PBKDF2 SHA256 hash from the password
and store that in our database.
The PBKDF2 algorithm,
described in RFC 2898, is a key derivation function which recursively
calls HMAC-SHA256. There is no way to decrypt the password from the
resulting hash which is stored in the database but the hash can be used
to verify if the entered password is correct.
We do not have to store your password (if someone manages to break
into our database and steal the user list, they do not get the
passwords!), but we can check if you're giving us the same
password that you gave last time.
|