As every body as said, it is not a best security practice to decrypt passwords if the user forgets it. You should not provide of ways for hackers to decrypt such passwords in the event of a security incident.
You better allow users to reset their passwords after providing evidence of her/his authentication. __________________ Miguel Guirao Aguilera, Linux+, ITIL Sistemas de Información Informática R8 Ext. 7540 --> -----Original Message----- --> From: Nasreen Laghari [mailto:[EMAIL PROTECTED] --> Sent: Miércoles, 27 de Febrero de 2008 12:52 a.m. --> To: php-db@lists.php.net --> Subject: [PHP-DB] Password Reset --> --> Hi, --> --> I have encrypted password in database and I encrypted using MD5(). As --> it is a one-way Hash so I cant get password back to original text !!! --> --> What encrypting technique I used to encrypt password so if user forget, --> I can decrypt password and email it. --> --> --> Regards --> --> Nasreen --> --> --> --> ________________________________________________________________________ --> ____________ --> Looking for last minute shopping deals? --> Find them fast with Yahoo! Search. --> http://tools.search.yahoo.com/newsearch/category.php?category=shopping -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
