Re: Decrypt MYSQL Password
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ben, From the MySQL man online @ http://www.mysql.com/doc/en/Miscellaneous_functions.html#IDX1330 : PASSWORD() encryption is non-reversible. To create a forgot your password page, the best method is to generate a net password and send that new password. To make it easier to your users to remember their passwords, the best way is to set that password as a temporary one, that only allows them to set the original password. (maybe using a diferent field, so they can keep the original password if someone else goes to your site and request the password, just because he was bored. MPNeves On Wednesday 13 November 2002 07:27 am, Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! - -- Merlin, the Mage themage.camelot.co.pt -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE90hleKOMrqDFTeBARAoc7AKDozVXEVP8Tfv8Qjx9DE4ChPF8zsACaAh/C efo5W0z4+dO3UEvTnDz9qJk= =i4Oj -END PGP SIGNATURE- - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
AW: Decrypt MYSQL Password
Hi Ben, As far as I know the algorithm used for the decrypting is a one-way hash function, thus there is no way of decrypting it. You may consider to reset the password and mail the user the new one instead of mailing the old password. The second solution is to store the password a second time as clear-text at the user's property. Regards, Wolf -Originalnachricht- Von: Ben C. An: [EMAIL PROTECTED] Gesendet: 13.11.2002 08:27 Betreff: Decrypt MYSQL Password I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! -- The content of this email message and any attachments are confidential and may be legally privileged, intended solely for the addressee. If you are not the intended recipient, be advised that any use, dissemination, distribution, or copying of this e-mail is strictly prohibited. If you receive this message in error, please notify the sender immediately by reply email and destroy the message and its attachments. - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Decrypt MYSQL Password
Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am Short answer: You don't. Long answer: search the archives for this mailing list; it was asked about a week ago and I gave a longer much more accurate answer then. -- Michael T. Babcock C.T.O., FibreSpeed Ltd. http://www.fibrespeed.net/~mbabcock - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Decrypt MYSQL Password
I am a little new to MySQL and PHP. How do I make the password a temporary password. So when they login the first time they need to reset the password? Thanks for you help in advance. Ben From: Merlin, The Mage [EMAIL PROTECTED] Date: 2002/11/13 Wed AM 04:20:20 EST To: Ben C. [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Decrypt MYSQL Password -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ben, From the MySQL man online @ http://www.mysql.com/doc/en/Miscellaneous_functions.html#IDX1330 : PASSWORD() encryption is non-reversible. To create a forgot your password page, the best method is to generate a net password and send that new password. To make it easier to your users to remember their passwords, the best way is to set that password as a temporary one, that only allows them to set the original password. (maybe using a diferent field, so they can keep the original password if someone else goes to your site and request the password, just because he was bored. MPNeves On Wednesday 13 November 2002 07:27 am, Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! - -- Merlin, the Mage themage.camelot.co.pt -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE90hleKOMrqDFTeBARAoc7AKDozVXEVP8Tfv8Qjx9DE4ChPF8zsACaAh/C efo5W0z4+dO3UEvTnDz9qJk= =i4Oj -END PGP SIGNATURE- - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Decrypt MYSQL Password
At 23:27 -0800 11/12/02, Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! It's always a good idea to read the manual before assuming that a function behaves in a certain way. In this case, what you ask is impossible. The manual makes it clear that PASSWORD() encryption is non-reversable: http://www.mysql.com/doc/en/Miscellaneous_functions.html Alternatives: ENCODE()/DECODE() AES_ENCRYPT()/AES_DECRYPT() DES_ENCRYPT()/DES_DECRYPT() - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
AW: Decrypt MYSQL Password
Ben, create a column in the user table, that holds a flag called mustChangePassword (or whatever you want to name it). Then write your PHP code that way, that a login of a user who must change his password will be redirected to the change password page and store the new password and reset the flag to false. Regards Hans -Ursprüngliche Nachricht- Von: Ben C. [mailto:benc;cox.net] Gesendet: Mittwoch, 13. November 2002 18:27 An: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Betreff: Re: Decrypt MYSQL Password I am a little new to MySQL and PHP. How do I make the password a temporary password. So when they login the first time they need to reset the password? Thanks for you help in advance. Ben From: Merlin, The Mage [EMAIL PROTECTED] Date: 2002/11/13 Wed AM 04:20:20 EST To: Ben C. [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Decrypt MYSQL Password -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ben, From the MySQL man online @ http://www.mysql.com/doc/en/Miscellaneous_functions.html#IDX1330 : PASSWORD() encryption is non-reversible. To create a forgot your password page, the best method is to generate a net password and send that new password. To make it easier to your users to remember their passwords, the best way is to set that password as a temporary one, that only allows them to set the original password. (maybe using a diferent field, so they can keep the original password if someone else goes to your site and request the password, just because he was bored. MPNeves On Wednesday 13 November 2002 07:27 am, Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! - -- Merlin, the Mage themage.camelot.co.pt -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE90hleKOMrqDFTeBARAoc7AKDozVXEVP8Tfv8Qjx9DE4ChPF8zsACaAh/C efo5W0z4+dO3UEvTnDz9qJk= =i4Oj -END PGP SIGNATURE- - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Decrypt MYSQL Password
Hi, You can make your own authentification system.A table which can have a binary char/varchar field for encrypted password(effect similar like password from mysql.user) and another char for ASCII password. If you not use grant statement for adding new user, you can use the MySQL authentification system and you can make relation between this table and mysql.user using encrypted password like foreign key. Regards, Gelu _ G.NET SOFTWARE COMPANY Permanent e-mail address : [EMAIL PROTECTED] [EMAIL PROTECTED] - Original Message - From: Merlin, The Mage [EMAIL PROTECTED] To: Ben C. [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, November 13, 2002 7:53 PM Subject: Re: Decrypt MYSQL Password Well, my ideia was to have two diferent fields, the first one to the real password, and the second to the tmp passwd. When the user logs normally, the tmppasswd is set to null, and when the user request a new passwd, this field is set to the temporary password. This will sent an email to the user with a link that allow the user to type the temporary passwd and if correct, set the real one. mpneves On Wednesday 13 November 2002 05:26 pm, Ben C. wrote: I am a little new to MySQL and PHP. How do I make the password a temporary password. So when they login the first time they need to reset the password? Thanks for you help in advance. Ben From: Merlin, The Mage [EMAIL PROTECTED] Date: 2002/11/13 Wed AM 04:20:20 EST To: Ben C. [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Decrypt MYSQL Password -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ben, From the MySQL man online @ http://www.mysql.com/doc/en/Miscellaneous_functions.html#IDX1330 : PASSWORD() encryption is non-reversible. To create a forgot your password page, the best method is to generate a net password and send that new password. To make it easier to your users to remember their passwords, the best way is to set that password as a temporary one, that only allows them to set the original password. (maybe using a diferent field, so they can keep the original password if someone else goes to your site and request the password, just because he was bored. MPNeves On Wednesday 13 November 2002 07:27 am, Ben C. wrote: I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! - -- Merlin, the Mage themage.camelot.co.pt -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE90hleKOMrqDFTeBARAoc7AKDozVXEVP8Tfv8Qjx9DE4ChPF8zsACaAh/C efo5W0z4+dO3UEvTnDz9qJk= =i4Oj -END PGP SIGNATURE- -- Merlin, the Mage themage.camelot.co.pt - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Decrypt MYSQL Password
I am using the MySQL password() function for the my passwords on the user names. How do I decrypt the password in PHP to send it in an e-mail. I am making a forgot your password page and want to have the user enter their e-mail and have the password sent to them. Please help! -- The content of this email message and any attachments are confidential and may be legally privileged, intended solely for the addressee. If you are not the intended recipient, be advised that any use, dissemination, distribution, or copying of this e-mail is strictly prohibited. If you receive this message in error, please notify the sender immediately by reply email and destroy the message and its attachments. - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php