Yeah, in fact that's my point. If you cannot decrypt a password, there's no
way to return it , right?
So how come these "big guys" DO return it to you?
And what is the most secure way for it. Some of these companies deal with
finances, the security is a REAL issue over there...
Maxim Maletsky
-----Original Message-----
From: Chris Lee [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 16, 2001 11:16 AM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] password() ::: and it's return...
sites do though. many sites allow me to click some link and they email me my
passwd in case Ive forgoten it. ICQ.com even does this.
Chris Lee
Mediawaveonline.com
""Josh G"" <[EMAIL PROTECTED]> wrote in message
00e401c07f60$f325c2a0$0e01a8c0@swinger">news:00e401c07f60$f325c2a0$0e01a8c0@swinger...
> I'm not sure I understand the question. What exactly do you mean? Are
> you talking about returning it from the client already encrypted? Not sure
> if anybody does that, as JS doesn't have a whole lot of useful encryption
> stuff in it, and iirc the md5() algorith is rather lengthy.
>
> Gfunk - http://www.gfunk007.com/
>
> I sense much beer in you. Beer leads to intoxication, intoxication to
> hangovers, and hangovers to... suffering.
>
>
> ----- Original Message -----
> From: "Maxim Maletsky" <[EMAIL PROTECTED]>
> To: "'Chris Lee'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Tuesday, January 16, 2001 1:01 PM
> Subject: RE: [PHP] password() ::: and it's return...
>
>
> >
> > Instead I am curious how other developers on this list are returning the
> > MD5, password() or whatever in permanently encrypted passwords...
> >
> > What are procedures and what is the way the return process work?
> > Any tricks/tips to share with all of us?
> >
> > Cheers,
> > Maxim Maletsky
> >
> >
> >
> > -----Original Message-----
> > From: Chris Lee [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, January 16, 2001 10:53 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] password()
> >
> >
> > simple answer is no. the only way to decrypt the passwd is to run it
> through
> > a cracker. All admins are used to this and know that if a user has lost
a
> > passwd that they are going to have to give them a new one, finding the
old
> > just isnt work one week of processing time :)
> >
> > Im curious to see how other php developers store their passwd's
> > -plain text in db
> > -use of unix password()
> > -use of db password()
> > -other ?
> >
> > Chris Lee
> > Mediawaveonline.com
> >
> >
> > ""Jason Jacobs"" <[EMAIL PROTECTED]> wrote in message
> > 011501c07f3f$c415bcc0$5800a8c0@doc">news:011501c07f3f$c415bcc0$5800a8c0@doc...
> > > Hi. I use password() to excrypt my passwords when I'm adding users to
> my
> > > mysql database. I'm wondering if there's a function to use to
> un-encrypt
> > it
> > > (for a web interface to change the password, and so the admin who is
> > editing
> > > user info can see what it is). Thanks for any help.
> > >
> > > Jason
> > >
> > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > To contact the list administrators, e-mail:
[EMAIL PROTECTED]
> > >
> >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
