|
Posted by Satyam on 05/10/05 20:27
Usually passwords are encrypted using one-way algorithms. Of course, there
are two-way algorithms which can be reversed, but time and experience has
shown that not to be necessary for user passwords.
A one-way algorithm is much like the modulus operation: 15 % 4 gives you 3
but even if you know the result and the divider, there is no way you can
guess that 15 was the original number. One-way encryption algorithms do
something like this, they loose some information in the process so the
original cannot be recovered (no decryption) even though the encryption
process is perfectly predictable and reproducible.
Though the impossibility of recovery can be seen as a drawback it also means
that the system administrator nor the programmer can figure out the
passwords, thus, my password is safe, even from the administrator or his/her
newbie junior assistant who dreams with becoming a famous hacker.
Thus, if a user gets his/her password lost, you e-mail a new and urge
him/her to change it ASAP.
Satyam
"Deep" <sudeepfiles@yahoo.co.in> wrote in message
news:20050510130507.32461.qmail@web8510.mail.in.yahoo.com...
>
> Hi evryone,
>
> I want to implement a site where i would like to
> encrypt the password of the users and store it into
> mysql
> database. My question is that , In case if the user
> has forgotten the password how can he retrieve the
> password(which is already encrypted and stored...the
> user should be able to get the decrypted password).
>
> Also which encryption method would you recommend. ie.
> md5,crypt, etc....
>
> Thanx,
> ..Deeps..
>
> ________________________________________________________________________
> Yahoo! India Matrimony: Find your life partner online
> Go to: http://yahoo.shaadi.com/india-matrimony
[Back to original message]
|