[PHP] md5 decrypt
Is there away to take a md5 encrypted password and decrypt it and give that to the client, if they fogot their password. = dan mccullough Theres no such thing as a problem unless the servers are on fire! __ Do You Yahoo!? Buy the perfect holiday gifts at Yahoo! Shopping. http://shopping.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] md5 decrypt
On Wed, 5 Dec 2001, Dan McCullough wrote: -Is there away to take a md5 encrypted password and decrypt it and give that to the client, if they -fogot their password. No. - -= -dan mccullough - -Theres no such thing as a problem unless the servers are on fire! - - -__ -Do You Yahoo!? -Buy the perfect holiday gifts at Yahoo! Shopping. -http://shopping.yahoo.com - --- -PHP General Mailing List (http://www.php.net/) -To unsubscribe, e-mail: [EMAIL PROTECTED] -For additional commands, e-mail: [EMAIL PROTECTED] -To contact the list administrators, e-mail: [EMAIL PROTECTED] - ** John Huggins VANet 7101 Oriole Avenue Springfield, VA 22150 703-912-6453 703-912-4831 fax [EMAIL PROTECTED] http://www.va.net/ ** -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] md5 decrypt
I'm pretty sure you can't. You would have to set up an area where they can have their password reset and the new password emailed to their email address. Jeff - Original Message - From: Dan McCullough [EMAIL PROTECTED] To: PHP General List [EMAIL PROTECTED] Sent: Wednesday, December 05, 2001 2:21 PM Subject: [PHP] md5 decrypt Is there away to take a md5 encrypted password and decrypt it and give that to the client, if they fogot their password. = dan mccullough Theres no such thing as a problem unless the servers are on fire! __ Do You Yahoo!? Buy the perfect holiday gifts at Yahoo! Shopping. http://shopping.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] md5 decrypt
Dan McCullough [EMAIL PROTECTED] wrote: Is there away to take a md5 encrypted password and decrypt it and give that to the client, if they fogot their password. Short answer is no, long answer below. I just answered this on another list 10 minutes ago so I'm pasting in part of my reply unedited. You could use something like John the Ripper, which is a password cracker you can install on the server. It works by taking a list of words, word-number combinations, etc. from a dictionary and encrypting them, then comparing the encrypted results with the encrypted passwords stored on your server. If there's a match it notes the cracked password. It's good for detecting weak passwords and can actually detect them very quickly, but if the passwords are strong then it's not effective for your purposes (that's a good thing) since by the time it cracked the password (if it did) your user would have likely taken their business elsewhere. On a few servers I manage I run it periodically to check for weak passwords, then I contact the users with weak passwords and ask that they change them. John the Ripper: http://www.openwall.com/john/ -- Steve Werby President, Befriend Internet Services LLC http://www.befriend.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]