Password recovery using sha1 password hash

Question

Password recovery using sha1 password hash

I would like to implement a forgotten password function for my site. I use passwords with sha1. How can I restore this for the user?

What is the best way to implement this?

+5

php password-protection hash

Bigmike Oct 26 '10 at 17:14

source share

3 answers

- . , (, ). , - .

, , . , .

, , , , .

+8

Cameron Skinner 26 . '10 17:17

A well-known effective way to return the sha1 hash to the original text (since this is a one-way design function). If you want you to be able to show your password to users later, you will need to save it in a method that will be reversible (IE encryption, plaintext). This is probably a bad idea, try to find the best way to do this .

+3

Kendall hopkins Oct 26 '10 at 17:18

source share

meagar · Accepted Answer · 2010-10-26T17:15:43+0000

The short answer is, you cannot.

You want to implement the reset password function, not the password search function. The whole point of password hashing is that you cannot store a user's password, and you cannot recover it if it is lost.

This should give you a general idea of how to allow users to reset forgotten passwords:

Password recovery using sha1 password hash

More articles: