Posted by Philip Hallstrom on 05/10/05 17:45
> I want to implement a site where i would like to
> encrypt the password of the users and store it into
> mysql
> database. My question is that , In case if the user
> has forgotten the password how can he retrieve the
> password(which is already encrypted and stored...the
> user should be able to get the decrypted password).
Once encrypted that's it. The user can't get it back. Best thing is to
ask them to verify additional information and then send a randomly
generated passwort to the email address *you* have on file for that user.
They can then change it when they login.
> Also which encryption method would you recommend. ie.
> md5,crypt, etc....
of those two, md5. search the net for discussions about md5 vs sha1...
-philip
[Back to original message]
|