TalkPHP - View Single Post

Hightower · 05-27-2009, 12:47 PM

You can't. It looks like your password is stored in your MySQL database using an MD5 hash. It's a one way hashing algorithm (can't be reversed back to it's true value).

There are two methods to combat this:

1) Stop storing the password as an MD5 hash - store it in plain value (but this is not very secure at all!)
2) Rather than email the current password, create a new one and email that.

Method two would work like this in psuedo:

1) Generate a new random password
2) Send the new password in plain text via email
2) If the mail has successfully sent store the new password in the database as an MD5 hash

05-27-2009, 12:47 PM	#2 (permalink)
Hightower The Acquainted Join Date: May 2009 Location: Durham, UK Posts: 134 Thanks: 9	You can't. It looks like your password is stored in your MySQL database using an MD5 hash. It's a one way hashing algorithm (can't be reversed back to it's true value). There are two methods to combat this: 1) Stop storing the password as an MD5 hash - store it in plain value (but this is not very secure at all!) 2) Rather than email the current password, create a new one and email that. Method two would work like this in psuedo: 1) Generate a new random password 2) Send the new password in plain text via email 2) If the mail has successfully sent store the new password in the database as an MD5 hash __________________ Hightower's Softpolio