> -----Original Message----- > From: JeRRy [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 24, 2003 9:50 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: [PHP-DB] md5 question! >
> So with md5 I can > retrieve the passwords back to the user if they lose > them via email. No, you can't. You'll need to generate a new password, md5 it, store it & mark it expired, timestamp it so it's only valid for, say, 30 minutes, email it, and finally, force the person to choose a new password when they sign in. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
