Thanks for the suggestions. I guess I can try to:
A) Store the password in plaintext if I need to retrieve the password. B) Store the password using PASSWORD() and then generate a new random password if needed, replacing the old password. C) Look into mcrypt, ENCODE()/DECODE(), encipher/decipher Thanks, Zach -----Original Message----- From: Matt Wagner [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 12:52 PM To: Zach Curtis Cc: [EMAIL PROTECTED] Subject: Re: Decrypting PASSWORD() from MySQL Zach Curtis writes: > I have a form for a user to request their forgotten username and password by > entering their email address. I then process this using PHP and use mail() > to send them their username and password. However, the password is stored in > an encrypted PASSWORD('password') field in the MySQL table. How can I > retrieve the decrypted password in a SELECT statement? Zach, You cannot do this. PASSWORD() is one-way. What you have to do is have two fields, 'passwd' and 'epasswd', with 'passwd' being clear-text, the other being encrypted (with PASSWORD() or other). If you want to obscure the clear-text field in a decodable fashion, then check out the ENCODE()/DECODE() functions. Note, in MySQL 4.x there will be two new functions, DES_ENCRYPT()/DES_DECRYPT(). Matt -- For technical support contracts, visit https://order.mysql.com/ __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Mr. Matt Wagner <[EMAIL PROTECTED]> / /|_/ / // /\ \/ /_/ / /__ MySQL AB, Herr Direktor /_/ /_/\_, /___/\___\_\___/ Hopkins, Minnesota USA <___/ www.mysql.com --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
