Usually passwords are encrypted using one-way algorithms. Of course, there are two-way algorithms which can be reversed, but time and experience has shown that not to be necessary for user passwords.
A one-way algorithm is much like the modulus operation: 15 % 4 gives you 3 but even if you know the result and the divider, there is no way you can guess that 15 was the original number. One-way encryption algorithms do something like this, they loose some information in the process so the original cannot be recovered (no decryption) even though the encryption process is perfectly predictable and reproducible. Though the impossibility of recovery can be seen as a drawback it also means that the system administrator nor the programmer can figure out the passwords, thus, my password is safe, even from the administrator or his/her newbie junior assistant who dreams with becoming a famous hacker. Thus, if a user gets his/her password lost, you e-mail a new and urge him/her to change it ASAP. Satyam "Deep" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > Hi evryone, > > I want to implement a site where i would like to > encrypt the password of the users and store it into > mysql > database. My question is that , In case if the user > has forgotten the password how can he retrieve the > password(which is already encrypted and stored...the > user should be able to get the decrypted password). > > Also which encryption method would you recommend. ie. > md5,crypt, etc.... > > Thanx, > ..Deeps.. > > ________________________________________________________________________ > Yahoo! India Matrimony: Find your life partner online > Go to: http://yahoo.shaadi.com/india-matrimony -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
