Thanks, that's what I originally thought that it was
one way. So websites that have the option to retrieve
password don't use md5?
I guess technically there MUST be a way to break the
barrier where you can reverse it. If there is a way
to make it there is always a way to break it, somehow.
!!!! But what I have heard and read it's very tight
and probably the best method to handle passwords for
now, until something new is released. Which will
happen when md5 is broken, like everything else after
a little bit of time.
--- Marco Tabini <[EMAIL PROTECTED]> wrote: > Hi
> No, md5 is a one-way hash. That's why it's so
> safe--because if someone
> steals the information he still can't tell what the
> passwords are.
> You may want to reset the passwords upon your users'
> request and send it
> to them via e-mail instead.
> php|architect -- The Magazine for PHP Professionals
> Come try us out at http://www.phparch.com and get a
> free trial issue
> On Tue, 2003-06-24 at 08:35, JeRRy wrote:
> > Hi,
> > If I use md5 to handle passwords to my database is
> > there a way to reverse the action if someone
> > their password? Is there a way for me to decode
> > 32bit to plain text?
> > Jerry
> > http://mobile.yahoo.com.au - Yahoo! Mobile
> > - Check & compose your email via SMS on your
> Telstra or Vodafone mobile.
> Marco Tabini
> Marco Tabini & Associates, Inc.
> 28 Bombay Avenue
> Toronto, ON M3H 1B7
> Phone: (416) 630-6202
> Fax: (416) 630-5057
> Web: http://www.tabini.ca
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check & compose your email via SMS on your Telstra or Vodafone mobile.
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php