473,466 Members | 3,167 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

return back the value generated using MD5 fubction

66 New Member
I use md5 function of PHP before storing the password in the database.

Scenario: I put an password retrieval program. After authentication that the username is realy exist, send an email containing his/her password and username.

Problem: I cannot return back the encrypted value.
e.g. password: 123456 md5 password: sdfgn234uih893hu9hu92rh8g58...... (32size in DB)

I want back the real value to "123456".

Constraits: I dont want to generate new password before do the email. I want to send back his/her currently used password.
Jul 31 '07 #1
11 3500
dafodil
392 Contributor
After a few argument with volectricity about hashing I came to a point to understand that hashing cannot be decrypted. The only way you can check if the hashed data is the same is by storing a hashed data to your db and comparing it to user input by hashing it.

MD5 returns a hashed data.

What you need is a two way encryption function.
Jul 31 '07 #2
eros
66 New Member
After a few argument with volectricity about hashing I came to a point to understand that hashing cannot be decrypted. The only way you can check if the hashed data is the same is by storing a hashed data to your db and comparing it to user input by hashing it.

MD5 returns a hashed data.

What you need is a two way encryption function.
Please correct me if my understanding is wrong.

I will create a list of hashed data by md5 and corresponding real values? Maybe it is adding another field or another table?

What do you mean by two-way encryption function?
Jul 31 '07 #3
eros
66 New Member
It means that if the site have a capabilities to send back the original password is not using a md5 function.. maybe created their own encryption function, that's they can decrypt the data. Or they are not using any encryption in storing passwords in the database.
Jul 31 '07 #4
dafodil
392 Contributor
Please correct me if my understanding is wrong.

I will create a list of hashed data by md5 and corresponding real values? Maybe it is adding another field or another table?

What do you mean by two-way encryption function?
MD5 is only one way encryption that means you cannot decrypt it. You cannot retrieve the old value. The only way is by comparing the stored hashed data on the database.

For example:
use md5:
apple=EDFAB
store EDFAB to database.
you need to allow user to input his password again:
apple
and use the md5 again to compare it.
EDFAB=EDFAB

I suggest you to use mcrypt: http://www.php.net/manual/en/ref.mcrypt.php

If you want to decrypt what you have encrypted.
Jul 31 '07 #5
eros
66 New Member
MD5 is only one way encryption that means you cannot decrypt it. You cannot retrieve the old value. The only way is by comparing the stored hashed data on the database.

For example:
use md5:
apple=EDFAB
store EDFAB to database.
you need to allow user to input his password again:
apple
and use the md5 again to compare it.
EDFAB=EDFAB

I suggest you to use mcrypt: http://www.php.net/manual/en/ref.mcrypt.php

If you want to decrypt what you have encrypted.

Thanks a lot...I study on how to excute mcrypt in PHP.
Jul 31 '07 #6
nathj
938 Recognized Expert Contributor

If you want to decrypt what you have encrypted.
Remember, if you can decrypt so can someone else. I suggest sticking with hashing and if they forget their password, have them prove who they are and then generate a new password - they can always change it when they log in next.

I think, and it's really just opinion, that being able to decrypt the password is not smart. Sticking with hashing, it's safer.

Cheers
nathj
Jul 31 '07 #7
eros
66 New Member
Remember, if you can decrypt so can someone else. I suggest sticking with hashing and if they forget their password, have them prove who they are and then generate a new password - they can always change it when they log in next.

I think, and it's really just opinion, that being able to decrypt the password is not smart. Sticking with hashing, it's safer.

Cheers
nathj
I see... yeah I realized... hihih ;) thanks you very much..I regenerate a new password then email to their respective email account then just change it after.

Thanks again. I will for MD5 function of PHP.
Jul 31 '07 #8
kovik
1,044 Recognized Expert Top Contributor
I see... yeah I realized... hihih ;) thanks you very much..I regenerate a new password then email to their respective email account then just change it after.

Thanks again. I will for MD5 function of PHP.
Don't use MD5. It's so outdated and weak. I'd suggest SHA-256, but SHA-1 is easily available through PHP, so use it.

[php]$pass = sha1($_POST['password']);[/php]
Jul 31 '07 #9
eros
66 New Member
Don't use MD5. It's so outdated and weak. I'd suggest SHA-256, but SHA-1 is easily available through PHP, so use it.

[php]$pass = sha1($_POST['password']);[/php]
It is advisable? and it is the common practice?
Aug 2 '07 #10
dafodil
392 Contributor
There are already security flaws for Sha-1 and MD5. You can check this site to see the available hash functions.
http://en.wikipedia.org/wiki/Cryptog...hash_functions
Aug 2 '07 #11
kovik
1,044 Recognized Expert Top Contributor
It is advisable? and it is the common practice?
It's stronger, but just as easily available for use, so there's really no reason to use MD5 over SHA-1.
Aug 2 '07 #12

Sign in to post your reply or Sign up for a free account.

Similar topics

3
Web Service returning xs:choice as return type in C++ .NET
by: dgaucher | last post by:
Hi, I want to consume a Web Service that returns a choice, but my C++ client always receives the same returned type. On the other hand, when I am using a Java client, it is working fine (of...
.NET Framework
8
Return by value -- primitive type vs class type
by: DaKoadMunky | last post by:
Please consider the following... <CODE> #include <string> using namespace std; typedef int PrimitiveType; typedef string ClassType;
C / C++
10
Return from store procedure.
by: vassone | last post by:
Dear All, I read through all the post and flipped through the books but I still can't find the answer to my problem. I'm inserting a new record via a stored procedure and want to return the id...
Microsoft SQL Server
5
Return values from __events
by: Edward Diener | last post by:
I am gathering from the documentation that return values from __events are not illegal but are frowned upon in .NET. If this is the case, does one pass back values from an event handler via...
.NET Framework
1
Open a JavaScript Window from a Web User Control and return a valu
by: Jorge Ponte | last post by:
hi I have a Web User Control (ascx) - lets call it "My_WUC" - in a Web form. In that WUC I want have a textbox and a button. I want to click on the button and open a popup (I use javascript for...
ASP.NET
1
IXmlSerializable: return type & difference IE / webservice
by: Thomas D. | last post by:
Hello all, I'm using the IXmlSerializable interface for a project and encounter some problems when testing my webservice in a client application. I know this interface is undocumented and not...
.NET Framework
1
Beginner needing help with return data from a webservice.
by: hl | last post by:
Hi, I'm a beginner and need a little help with getting data back from a web service. I am using VB.Net and have added a web reference to a Wsdl that was provided to me. My reference.vb file...
.NET Framework
4
return IDENTITY after SQL Insert?
by: Dabbler | last post by:
I'm using an SQLCommand to insert row using a text command. Is there a way to return the IDENTITY key value after the insert ? Thanks much!
ASP.NET
5
Web service to return xml file
by: TompIfe | last post by:
Hi, I have a web service that reads data from an Access database using datareader and place the data in an array that the web method returns. Now, I want to make the web service also to return an...
.NET Framework
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA
0
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us