> -----Original Message-----
> From: JeRRy [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, June 24, 2003 9:50 AM
> Subject: Re: [PHP-DB] md5 question!

> So with md5 I can
> retrieve the passwords back to the user if they lose
> them via email. 

No, you can't.  You'll need to generate a new password, md5 it, store it
& mark it expired, timestamp it so it's only valid for, say, 30 minutes,
email it, and finally, force the person to choose a new password when
they sign in. 

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to