Hi Walter
> My question is, as I read in the documentation, that the process is
> irreversible, how can I deal with the fact
> that a user can forget his password, if I will not be able to retrieve the
> original string, because what i can see is the encrypted data
The purpose of the encrypted password is not to be able to decrypt it, so
that
the people who have access to the database couldn't use the user's
password
for any purposes.
To deal with the forgotten passwords, you take all the basic steps to
ensure
that the user is the one, and create a random string for the user, then
apply PASSWORD() on the random password and save it.
Then you send the same random string for the user himself. So then, he
will
use that newly created password to access his account (and chage it to
some
more friendly one if you provide such functionality)
--
sherzodr
>
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail <[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
>
>
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
