As the title states, I need to ask: how do you do password recovery when the database MD5s the value? There is no way to reverse MD5, and storing the password as plain text is not safe... so how do you do it?
No. If someone forgets their password, it's better (and the only option) to make a new one.
Exactly. It's very common (this forum does it, for example) to have a 'reset password' function. MD5 is a one-way hash; it can't be reversed. You come up with a decent algorithm to create a perfectly random password, store it in the `user_password` field in the database for that user, and then email it to them. Hopefully, they still have access to that email account (and they alone have access to it), retrieve the new unique password and then log in with that. Once logged in, they can reset (and you can then update the users table with) their own password.
...Or what a lot of systems do is prompt you for a secret question, and then the question's secret answer. Then when you want to reset the password, you need to answer the question. That then allows you to change your password even if you no longer have access to the email address associated with your account. Then from within the system you will be able to change the email.
Thanks for all of your help! I really didn't even think of a password reset.
Seriously, most people (including me sometimes) forget that setting a new password is the best option. If you know a person very well, even a secret question won't suffice.
What you do is:
2. Forgot your password?
3. Send a mail with an activation key (perhaps linked to IP) to RESET the password.
4. Reset (with a hash) the password and enter an approx. 12-character-long string.
5. Send the password to the email together with an activation key.
6. Let the user enter the OLD password and the activation key, and then once logged in (or at the activation key page) set their new password immediately.
Most secure and common way to do it, I guess.
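The reset flow the two replies above describe (forgot-password request, an activation key sent by email, then the user sets a new password), as an added example that is not code from this thread or its posters. It assumes a constructed in-memory `USERS` table standing in for the database, and it stores passwords with salted PBKDF2 rather than the plain MD5 the question mentions; the activation key itself is only ever stored as a hash, expires, and can be used once.

```python
import hashlib
import hmac
import secrets
import time

# Constructed stand-in for the users table discussed in the thread (assumption).
USERS = {"alice": {"email": "alice@example.com", "user_password": None}}
# username -> {"token_hash": ..., "expires": ...}; only the hash of the key is kept.
RESET_TOKENS = {}
TOKEN_TTL = 3600  # activation key is valid for one hour (assumption)


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns 'salthex$digesthex' for the user_password field."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt.hex() + "$" + digest.hex()


def verify_password(password, stored):
    """Constant-time check of a login password against the stored hash."""
    salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), 200_000)
    return hmac.compare_digest(digest.hex(), digest_hex)


def start_reset(username, now=None):
    """'Forgot your password?': mint a random activation key, store its hash, return the key to email."""
    if username not in USERS:
        return None  # caller shows the same generic message either way
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[username] = {
        "token_hash": hashlib.sha256(token.encode()).hexdigest(),
        "expires": (now or time.time()) + TOKEN_TTL,
    }
    return token  # goes out in the email; never written to the database in clear


def complete_reset(username, token, new_password, now=None):
    """Activation key page: check the key (unexpired, matching), consume it, set the new password."""
    rec = RESET_TOKENS.get(username)
    if rec is None:
        return False
    if (now or time.time()) > rec["expires"]:
        RESET_TOKENS.pop(username)  # expired keys are discarded
        return False
    presented = hashlib.sha256(token.encode()).hexdigest()
    if not hmac.compare_digest(rec["token_hash"], presented):
        return False
    RESET_TOKENS.pop(username)  # one-time use
    USERS[username]["user_password"] = hash_password(new_password)
    return True
```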
I know it's a bit off the original question, but you could try using AES_ENCRYPT / AES_DECRYPT in MySQL rather than MD5 for storing passwords, but I totally agree with the members saying that storing a non-reversible password is the best solution.