Announcement

Collapse
No announcement yet.

md5 decryption?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • md5 decryption?

    Gotta question for ya...

    I'm developing a request password script (email the password to the user), and all the passwords are encrypted using the md5 hash/function.

    I need to sort of "decrypt" the md5 string into what the password is so that they can actually retrieve their password. I've searched around on php.net and stuff, and can't figure out how to do this.

    Any suggestions?
    Pluh.com (random nonsense) - Psychostick.com (my stupid band) - Collectiveunderground.com (AZ local music site) - Evacuatechicago.com

  • #2
    Its not possible. md5 is a one way hashing algorithm.
    Scott MacVicar

    My Blog | Twitter

    Comment


    • #3
      Originally posted by Scott MacVicar
      Its not possible. md5 is a one way hashing algorithm.
      Hrrrm, well - I suppose I will have to use a password reset system then... but I noticed that vbulletin has a password retrieval system, but the passwords are encrypted.

      How does that work? Or are you permitted to say?
      Pluh.com (random nonsense) - Psychostick.com (my stupid band) - Collectiveunderground.com (AZ local music site) - Evacuatechicago.com

      Comment


      • #4
        it just issues a new password once you confirm the link in your email.
        Scott MacVicar

        My Blog | Twitter

        Comment


        • #5
          Strings generated by the MD5 algorithm are not encrypted versions of the original string. They are hashes: unique (to one in an incredibly huge number) signatures of the original string. As the signature never contains any part of the original string, it is not possible to "decrypt" it because it does not apply.

          I suggest doing what Scott does (and what vB does): include a unique ID in a URL e-mailed to the user, and when the user clicks the link, confirm the ID against one stored in the database and then allow the user to enter a new password.
          --filburt1, vBulletin.org/vBulletinTemplates.com moderator
          Web Design Forums.net: vB Board of the Month
          vBulletin Mail System (vBMS): webmail for your forum users

          Comment


          • #6
            I see, that makes sense.

            I'll create a password resetting sytem via e-mail then, which will be easy since I have a user registration system that is similar (random unique ID validation via e-mail).

            Thanks and stuff!
            Pluh.com (random nonsense) - Psychostick.com (my stupid band) - Collectiveunderground.com (AZ local music site) - Evacuatechicago.com

            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X