I am developing a database application in which I store usernames and
passwords. Naturally I want to store the passwords in an encrypted form.
However, just like you see in many web applications, I want to be able
to email the users password back to them should they forget their old
password.
I looked at how to store the password data in MySQL and they recommend
using MD5 or SHA. Both of these appear to be one way encryption
routines. IOW once I encrypt and store the users password there is no
way to unencrypt it.
How can I store passwords in my SQL database such that I can convert
them back to plain text when the user requests them?
--
I went for a walk last night and my kids asked me how long I'd be gone.
I said, "The whole time."
12  11871 
If you want to save password encrypted and want to decrypt it, you should
use a function for it which has some "user" input with it.
You cant use something like rot13 simply because this is almost standard
with PHP for this purpose and anyone with the encrypted password can decrypt
just as easily.
It's your choice but the best way is something like MD5 and if someone loses
it, just mail a new password to the mail-adress in the database and have the
user replace it with the next login.
"Andrew DeFaria" <An****@DeFaria.com> schreef in bericht
news:23**************************@msgid.meganewsse rvers.com... I am developing a database application in which I store usernames and
passwords. Naturally I want to store the passwords in an encrypted form.
However, just like you see in many web applications, I want to be able
to email the users password back to them should they forget their old
password.
I looked at how to store the password data in MySQL and they recommend
using MD5 or SHA. Both of these appear to be one way encryption
routines. IOW once I encrypt and store the users password there is no
way to unencrypt it.
How can I store passwords in my SQL database such that I can convert
them back to plain text when the user requests them?
--
I went for a walk last night and my kids asked me how long I'd be gone.
I said, "The whole time."
Too Sexy wrote: If you want to save password encrypted and want to decrypt it, you
should use a function for it which has some "user" input with it.
Like?
You cant use something like rot13 simply because this is almost
standard with PHP for this purpose and anyone with the encrypted
password can decrypt just as easily.
I'm not using PHP.
It's your choice
What choices do I have? I haven't heard any from you.
but the best way is something like MD5 and if someone loses it, just
mail a new password to the mail-adress in the database and have the
user replace it with the next login.
Yeah but how do other sites do it? Sites that do not email you back a
new password but sites who email you back your old password?
--
Your child may be an honor student but you're still an idiot.
If you want to save password encrypted and want to decrypt it, you should
use a function for it which has some "user" input with it.
You cant use something like rot13 simply because this is almost standard
with PHP for this purpose and anyone with the encrypted password can decrypt
just as easily.
It's your choice but the best way is something like MD5 and if someone loses
it, just mail a new password to the mail-adress in the database and have the
user replace it with the next login.
"Andrew DeFaria" <An****@DeFaria.com> schreef in bericht
news:23**************************@msgid.meganewsse rvers.com... I am developing a database application in which I store usernames and
passwords. Naturally I want to store the passwords in an encrypted form.
However, just like you see in many web applications, I want to be able
to email the users password back to them should they forget their old
password.
I looked at how to store the password data in MySQL and they recommend
using MD5 or SHA. Both of these appear to be one way encryption
routines. IOW once I encrypt and store the users password there is no
way to unencrypt it.
How can I store passwords in my SQL database such that I can convert
them back to plain text when the user requests them?
--
I went for a walk last night and my kids asked me how long I'd be gone.
I said, "The whole time."
Too Sexy wrote: If you want to save password encrypted and want to decrypt it, you
should use a function for it which has some "user" input with it.
Like?
You cant use something like rot13 simply because this is almost
standard with PHP for this purpose and anyone with the encrypted
password can decrypt just as easily.
I'm not using PHP.
It's your choice
What choices do I have? I haven't heard any from you.
but the best way is something like MD5 and if someone loses it, just
mail a new password to the mail-adress in the database and have the
user replace it with the next login.
Yeah but how do other sites do it? Sites that do not email you back a
new password but sites who email you back your old password?
--
Your child may be an honor student but you're still an idiot.
"Andrew DeFaria" <An****@DeFaria.com> schreef in bericht
news:b3***************************@msgid.meganewss ervers.com... Too Sexy wrote:
If you want to save password encrypted and want to decrypt it, you
should use a function for it which has some "user" input with it.
Like?
I don't know any that's why I send new passwords. You cant use something like rot13 simply because this is almost
standard with PHP for this purpose and anyone with the encrypted
password can decrypt just as easily.
I'm not using PHP.
Perl and ASP have these functions also standard implemented. It's your choice
What choices do I have? I haven't heard any from you.
To use an encryption method which can also be decrypted but the best way is something like MD5 and if someone loses it, just
mail a new password to the mail-adress in the database and have the
user replace it with the next login.
Yeah but how do other sites do it? Sites that do not email you back a
new password but sites who email you back your old password?
perhaps they don't encrypted, unfortunatly I don't now
--
Your child may be an honor student but you're still an idiot.
I Think this wasn't meant personal ;)
In Short, I can't give you a function but I recommend you use md5 or
something and mail new password
You can also mail sites that give passwords back how they do it.
P.S. Most OS en Network software don't give passwords bakc because of the
security risc.
"Andrew DeFaria" <An****@DeFaria.com> schreef in bericht
news:b3***************************@msgid.meganewss ervers.com... Too Sexy wrote:
If you want to save password encrypted and want to decrypt it, you
should use a function for it which has some "user" input with it.
Like?
I don't know any that's why I send new passwords. You cant use something like rot13 simply because this is almost
standard with PHP for this purpose and anyone with the encrypted
password can decrypt just as easily.
I'm not using PHP.
Perl and ASP have these functions also standard implemented. It's your choice
What choices do I have? I haven't heard any from you.
To use an encryption method which can also be decrypted but the best way is something like MD5 and if someone loses it, just
mail a new password to the mail-adress in the database and have the
user replace it with the next login.
Yeah but how do other sites do it? Sites that do not email you back a
new password but sites who email you back your old password?
perhaps they don't encrypted, unfortunatly I don't now
--
Your child may be an honor student but you're still an idiot.
I Think this wasn't meant personal ;)
In Short, I can't give you a function but I recommend you use md5 or
something and mail new password
You can also mail sites that give passwords back how they do it.
P.S. Most OS en Network software don't give passwords bakc because of the
security risc.
Too Sexy wrote: --
Your child may be an honor student but you're still an idiot.
I Think this wasn't meant personal ;)
No, it's a tagline, not personal.
In Short, I can't give you a function but I recommend you use md5 or
something and mail new password
You can also mail sites that give passwords back how they do it.
P.S. Most OS en Network software don't give passwords bakc because of
the security risc.
It's as much a security risk to email a password in the first place.
--
I said "NO" to drugs, but they didn't listen.
Too Sexy wrote: --
Your child may be an honor student but you're still an idiot.
I Think this wasn't meant personal ;)
No, it's a tagline, not personal.
In Short, I can't give you a function but I recommend you use md5 or
something and mail new password
You can also mail sites that give passwords back how they do it.
P.S. Most OS en Network software don't give passwords bakc because of
the security risc.
It's as much a security risk to email a password in the first place.
--
I said "NO" to drugs, but they didn't listen.
Seems like encode/decode would work for me but they don't seem to work!
mysql> select encode("password","secret");
+-----------------------------+
| encode("password","secret") |
+-----------------------------+
| 「LwY!* |
+-----------------------------+
1 row in set (0.00 sec)
mysql> select decode("「LwY!*","secret");
+----------------------------+
| decode("「LwY!*","secret") |
+----------------------------+
| passwo# |
+----------------------------+
1 row in set (0.00 sec)
--
I used to have an open mind but my brains kept falling out.
Seems like encode/decode would work for me but they don't seem to work!
mysql> select encode("password","secret");
+-----------------------------+
| encode("password","secret") |
+-----------------------------+
| 「LwY!* |
+-----------------------------+
1 row in set (0.00 sec)
mysql> select decode("「LwY!*","secret");
+----------------------------+
| decode("「LwY!*","secret") |
+----------------------------+
| passwo# |
+----------------------------+
1 row in set (0.00 sec)
--
I used to have an open mind but my brains kept falling out.
> Seems like encode/decode would work for me but they don't seem to work!
mysql> select encode("password","secret");
+-----------------------------+
| encode("password","secret") |
+-----------------------------+
| 「LwY!* |
+-----------------------------+
1 row in set (0.00 sec)
mysql> select decode("「LwY!*","secret");
+----------------------------+
| decode("「LwY!*","secret") |
+----------------------------+
| passwo# |
+----------------------------+
1 row in set (0.00 sec)
seems to work: mysql> select decode(encode("password","secret"),"secret");
Your're result is also wrong you forgot some characters: "「LwY!�*"
Perhaps there's a problem with the strange characters, when you enter and
view them it might not be exact the same ASCII code.
It's as much a security risk to email a password in the first place.
No Comment
--
I used to have an open mind but my brains kept falling out.
Ever tried ducktape, McGyver says it works
> Seems like encode/decode would work for me but they don't seem to work!
mysql> select encode("password","secret");
+-----------------------------+
| encode("password","secret") |
+-----------------------------+
| 「LwY!* |
+-----------------------------+
1 row in set (0.00 sec)
mysql> select decode("「LwY!*","secret");
+----------------------------+
| decode("「LwY!*","secret") |
+----------------------------+
| passwo# |
+----------------------------+
1 row in set (0.00 sec)
seems to work: mysql> select decode(encode("password","secret"),"secret");
Your're result is also wrong you forgot some characters: "「LwY!�*"
Perhaps there's a problem with the strange characters, when you enter and
view them it might not be exact the same ASCII code.
It's as much a security risk to email a password in the first place.
No Comment
--
I used to have an open mind but my brains kept falling out.
Ever tried ducktape, McGyver says it works This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Matt Schroeder |
last post by:
Can anyone tell me about passwords? What I plan to do is write a username
and a password into a mySQL table. How do I encrpyt the password? And after
it's written, how can I match a password...
|
by: Jeremy Booker |
last post by:
I installed the current stable release of MySQL from RPMs. I used the client
and server packages.
After installing the server package, the RPM printed a note saying I should
run two commands. I...
|
by: Andrew DeFaria |
last post by:
I am developing a database application in which I store usernames and
passwords. Naturally I want to store the passwords in an encrypted form.
However, just like you see in many web applications, I...
|
by: LRW |
last post by:
I manage our mySQL database through putty (SSH terminal client).
And whenever I do a select * from the table that contains ENCODEd
passwords, the funky characters do funky things with the display....
|
by: Terry |
last post by:
I am just starting out using mySQL. I created some databases and tables and
installed mySQLcc to ease my usage. After about 4 months, I've needed to
make some changes that needed root access. I...
|
by: Bartosz Wegrzyn |
last post by:
hi,
I would like to store windows passwords and usernames in database.
Please tell me where to start?
What database can I use?
Can I use free microsoft database?
Thanks
Bart
|
by: LarsM |
last post by:
Hi all,
I am new to XML, but I use it for an RSS feed.
I have one problem, which I have really been struggling with.
My XML document is generated from the contents of a MySQL database. It is...
|
by: marc.wyburn |
last post by:
I'm writing a web app that needs a login page. I'm doing the dev on a
windows box although the final version will go on a Linux box. I can't
find any versions of mod_auth_Mysql precompiled for...
|
by: Carlone |
last post by:
Hi, I'm using mysql 4.0.18 on a web server with PHP 5.1.1 and I'm trying to
pass from the iso-8859-1 encoding to utf8, but I'm still confused about
many questions.
With which encoding data is...
|
by: wozza |
last post by:
hi
I'm a Dreamweaver user who's created a few simple data entry/
registrations forms in my time, but I'm not really a coder (though I
can follow instructions and am not afraid to dabble...) - I...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
