I have an encrypted password md5, how to give a password to the user when he uses the "Forgot password"?

Question

I have a database entry for a password in md5 format, but when a user uses "Forgot password", then how can I give him / her the desired password?

+5

OM The Eternity Dec 13 '10 at 11:41

5 answers

- MD5 - "" - , .

, :

, .

+3

John Parker 13 . '10 11:47

, , , . , reset .

+2

terminus 13 . '10 11:44

you need to send to the new passworduser and then install in the database. otherwise, the original password may not be restored.

Thank.

+2

Chandresh Dec 13 '10 at 11:46

You have a 1/100 chance to recover this password (dictionary method) based on the length of the password. I will not recommend it.

It is better to create a new random password and send it to the user's email address.

+1

Riel Dec 13 '10 at 11:45

Marcelo cantos · Accepted Answer · 2010-12-13T11:43:14+0000

You cannot do this from the MD5 hash; and you cannot do it. Password recovery should be intractable.

The usual process is to send the reset password token (URL) to your email address so that the user can select a new password.