Hi PASSWORD() is not reversible, but ENCRYPT() might be worth a look. Are you sure you want unencrypted passwords on view? If you have a security breach, which can include a sacked or unhappy sys admin, who wants to hit back, then you could have a very uncomfortable situation!
Better to go with Seth's idea and send them a fresh password, unless there is a very good reason not to. Just my 2p worth :) HTH Peter ----------------------------------------------- Excellence in internet and open source software ----------------------------------------------- Sunmaia www.sunmaia.net [EMAIL PROTECTED] tel. 0121-242-1473 ----------------------------------------------- > -----Original Message----- > From: Seth Yount [mailto:[EMAIL PROTECTED]] > Sent: 22 June 2002 22:12 > To: [EMAIL PROTECTED] > Subject: [PHP-DB] Re: password()... is it possible? > > > I am not sure of the decrypting procedure for password(), > but if your > admin needs to view the passwords for the purpose of changing or > notifying forgotten passwords to the custormer you could use this > approach: > > Generate a random password (numbers and letters) that is > emailed to the > user. The user then logs on with their USERNAME and the new password. > Of course, the user then should be influenced to change the generated > password to something of their choice. > > This works well in that you can increase your security by > letting the > user know that 'nobody' will know their password, thus limiting access > to the users account/session to them alone. > > If this isn't the case that you are dealing with, then I am > just babbling > away... hope it helps ;) > > > César aracena wrote: > > > Hi all, > > > > I need the administrators of one site to actually see the user's > > passwords. I like using password() for encrypting but doesn't know if it > > can be retrieved in common English. > > > > Thanks, > > > > Cesar Aracena <mailto:[EMAIL PROTECTED]> > > CE / MCSE+I > > Neuquen, Argentina > > +54.299.6356688 > > +54.299.4466621 > > > > > > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
