JLongo3925 Posted April 29, 2009 Report Share Posted April 29, 2009 I am trying to create a username and password retrieval form, which emails the user their username and password upon entering their email address in the form. The problem I am running into is the password part. I encrypt the password using the md5(); function. When I retrieve the username and password associated with the user and email them their password, I do not want the password to be in md5(); encryption. I want their password to be in "plain text". For instance, I have a password of JoeLongo where the md5(); version is b05cc42b0a4008d9a01694f6826f1de5. When the password is emailed to the person, I want them to have JoeLongo emailed to them and not b05cc42b0a4008d9a01694f6826f1de5. I know md5 is considered one way hash. Is there a way to do this? How should I handle people forgetting their username and password? Should I use md5 encryption? Thanks, Joe Quote Link to comment Share on other sites More sharing options...
falkencreative Posted April 29, 2009 Report Share Posted April 29, 2009 I have something similar set up for one of the sites I am working on at the moment. In my case, I have used md5() to store encrypt the password. If the user forgets their password, they fill out a form, and a new random password is created and emailed to them. When they log in for the first time using the new password, the system presents them with a form to update their password to something that will be more memorable for them. As you say, md5() is a one way hash, so it isn't possible to get the original from the hash (at least, not without a extremely long database of possible matches, which seems highly inefficient) Quote Link to comment Share on other sites More sharing options...
JLongo3925 Posted May 1, 2009 Author Report Share Posted May 1, 2009 Thanks again for your idea. I was racking my brain over ways to solve my issue. This offers a nice solution to my issues. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.