|
|
Posted by AlexVN on 11/10/56 11:50
Katash,
Generally, when passwords are stored as hashes, the "retrieve password"
option is logically impossible. The "Reset password" option is used
instead, when the new password is mailed to the user in case when he
forget the password.
Sincerelly,
Alexander
http://www.alexatnet.com/
Katash wrote:
> Hello,
> I am new to PHP and am working on a login system for my site,
> currently supplied passwords are passed to MySQL and stored as md5 hashes,
> my question is :- seeing as md5 is 1 way only what would be the best way to
> implement a 'Forgotten Password' system whereby the user supplies an e-mail
> address and the password is mailed to the user?
>
> The process does not require military level security but I would like to
> keep stored passwords as hashes.
>
> I have an idea on how it can be done but I would like to hear a few other
> opinions
[Back to original message]
|