I am trying to create a username and password retrieval form, which emails the user their username and password upon entering their email address in the form. The problem I am running into is the password part. I encrypt the password using the md5(); function. When I retrieve the username and password associated with the user and email them their password, I do not want the password to be in md5(); encryption. I want their password to be in "plain text".
For instance, I have a password of JoeLongo where the md5(); version is b05cc42b0a4008d9a01694f6826f1de5. When the password is emailed to the person, I want them to have JoeLongo emailed to them and not b05cc42b0a4008d9a01694f6826f1de5. I know md5 is considered one way hash.
Is there a way to do this? How should I handle people forgetting their username and password? Should I use md5 encryption?