As every body as said, it is not a best security practice to decrypt
passwords if the user forgets it. You should not provide of ways for hackers
to decrypt such passwords in the event of a security incident. 

You better allow users to reset their passwords after providing evidence of
her/his authentication.

Miguel Guirao Aguilera, Linux+, ITIL
Sistemas de Información
Informática R8
Ext. 7540

--> -----Original Message-----
--> From: Nasreen Laghari [mailto:[EMAIL PROTECTED]
--> Sent: Miércoles, 27 de Febrero de 2008 12:52 a.m.
--> To:
--> Subject: [PHP-DB] Password Reset
--> Hi,
--> I have encrypted password in database and I encrypted using MD5().  As
--> it is a one-way Hash so I cant get password back to original text !!!
--> What encrypting technique I used to encrypt password so if user forget,
--> I can decrypt password and email it.
--> Regards
--> Nasreen
--> ________________________________________________________________________
--> ____________
--> Looking for last minute shopping deals?
--> Find them fast with Yahoo! Search.

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to