[prev in list] [next in list] [prev in thread] [next in thread]
List: php-windows
Subject: Re: [PHP-WIN] crypt() with decription
From: 77.181.216.215
Date: 2007-12-04 17:32:08
Message-ID: D1.23.27173.C1F85574 () pb1 ! pair ! com
[Download RAW message or body]
I can only agree Bill and Elizabeth.
@Nishantha:
Do you only need a password-recovery function for registered users? Then
simply create an random-string, save it in an extra column of your Data
Stock and give it to the user. Also you can - as Elizabeth wrote - use an
two-way-decryption and give the user the decrypted version. But that'll open
a huge securityhole in your application. Fact: Users will use the same
password in different systems. So first: Can and will the User trust you?
Second: Can you trust the people that can look into the database/file/stock?
Third: Can you by 100% trust your sourcecode, so that never a third party
hacks your system and decryps all passwords?
I would ever prefer an one-way-function when the project afford it.
--
Mit freundlichen Grüßen / Best Regards
Oliver Espeter
""Bill Bolte"" <billb@hightouchinc.com> schrieb im Newsbeitrag
news:013FC758865CF645976E313AEB6A709905FB9A24@htmail.hightouchinc.com...
There isn't a way to un-encrypt it, it's a one-way encryption
(http://www.php.net/manual/en/function.crypt.php). The user will have to
recreate their password.
-----Original Message-----
From: Nishantha Pradeep [mailto:nishantha@bcsc.lk]
Sent: Monday, December 03, 2007 9:15 PM
To: php
Subject: [PHP-WIN] crypt() with decription
I used php crypt() function to encript password (as a simple encryption)
but
how I decrypt that encrypted password because I want to send the
password to
the user when it requested.
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic