Andrew & Drew, May I bring to light an different aspect of password generation :
It generates the **same** "encrypted password" every time. e.g "test" may generate "XYXQ1111" . for the next test as password it will also generate "XYXQ1111". I needed to stop user from registering with standard passwords like "test" ; "test123" ; "bharti" etc. All I had to do is run the program which checks for these "standard generated passwords" and check with "generated user entered password" in batch or online. It case string matches , stop him from completing the process. I admit it was really dirty hack. This is debatable issues - It is feature or bug :) Ofbiz being Open source ; it has far more implication. Can password generation be parameterized so the generated password is different. Chand ----- Original Message ----- From: "Andrew Sykes" <[EMAIL PROTECTED]> To: <dev@ofbiz.apache.org> Sent: Wednesday, January 24, 2007 8:08 AM Subject: Re: How do I decrypt passwords? > Drew, > > I believe the encryption is asynchronous, i.e. not reversible. > > - Andrew > > On Wed, 2007-01-24 at 10:33 -0500, Stephens, Drew wrote: >> I have a question about decrypting passwords from the User_Login table. >> We need to prepare a file of User ID and passwords to an external >> system, I think I have found the programming used to encrypt and save >> the password to the database but I could find not any logic to decrypt >> the password. Obviously, if we can't decrypt we can't provide the >> password. I don't want to reverse engineer the encryption logic and >> then write a new decryption logic; I want to use something that already >> exists. >> >> We are running an old version of OFBIZ, I think 1.1 but I don't remember >> exactly how to find out for sure. >> >> Thanks for any help you can provide. >> >> >> Drew Stephens >> Rippe & Kingston Systems, Inc. >> [EMAIL PROTECTED] >> Phone: (513) 977-4573 >> >> Visit us at: www.rippe.com >> >> 1077 Celestial Street, Cincinnati, Ohio 45202-1696 >> >> ======================================================================== >> ======= >> >> > -- > Kind Regards > Andrew Sykes <[EMAIL PROTECTED]> > Sykes Development Ltd > http://www.sykesdevelopment.com > >