By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
438,723 Members | 1,891 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 438,723 IT Pros & Developers. It's quick & easy.

Using phpMyAdmin question

nomad
Expert 100+
P: 664
Hello Everyone.
I have a general question to ask.
When I looking up a table that contains passwords under the browser mode my passwords look like this
500e670de29bfb98b7ef70ca48fdc07b

is there a way so that I can look up what they really are.
ie should be something like this
goodphpcoder09x

thanks
nomad
Oct 10 '08 #1
Share this Question
Share on Google+
5 Replies


P: 64
Check if you set the Md5 function in the database on the password field.

Alternatively, you could decrypt the password before displaying it.

something like
Expand|Select|Wrap|Line Numbers
  1.  
  2. <?
  3. $sql = "SELECT user FROM users WHERE Password = PASSWORD ($password)";
  4.  
  5. or
  6.  
  7. $sql = "SELECT user FROM users WHERE Password = MD5($password)";
  8. ?>
  9.  
  10.  
Hope it helps
Oct 10 '08 #2

Atli
Expert 5K+
P: 5,058
is there a way so that I can look up what they really are.
ie should be something like this
goodphpcoder09x
No, there isn't, and there shouldn't be.

When a password is saved into a database, it is usually *hashed*.
Hashing is kind of a one-way encryption, meant to make sure that the data can not be decrypted and read.
This is done so that the passwords can not be read by anybody. Not even the system administrator. It makes sure your user's passwords are safe from everybody, even you.

That is what you posted, and it can not be reversed.

Why do you want to read it anyways?
I have never come across a situation where I needed to see the original password of one of my users.
Oct 10 '08 #3

Atli
Expert 5K+
P: 5,058
Alternatively, you could decrypt the password before displaying it.
No, you can't.

Hashes can not be decrypted.
The PASSWORD and MD5 functions create hashes, they do not decrypt them.
Oct 10 '08 #4

pbmods
Expert 5K+
P: 5,821
Heya, nomad.

Under what context do you need to access User passwords? There might be an alternative.

For example, many websites allow the User to reset his password instead of emailing the password to him. This way, you never need to know what the User's password actually was; you simply need to have an alternate way of authenticating the User (generally by sending a "reset" link to the User's email account on file).
Oct 10 '08 #5

nomad
Expert 100+
P: 664
Thanks for the input everyone.
I was just wondering, I have a phpBB forum in which I was going to add a forum were everyone (member) will be able to submit images to the db and only certain member were be allowed to download the files from the db.

nomad
Oct 10 '08 #6

Post your reply

Sign in to post your reply or Sign up for a free account.