> -----Original Message-----
> From: JeRRy [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, June 24, 2003 9:50 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: [PHP-DB] md5 question!
> So with md5 I can
> retrieve the passwords back to the user if they lose
> them via email.
No, you can't. You'll need to generate a new password, md5 it, store it
& mark it expired, timestamp it so it's only valid for, say, 30 minutes,
email it, and finally, force the person to choose a new password when
they sign in.
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php