password decryption

What function do you use to encrypt the password? You should never need to see an unencrypted password. Say you use md5() to encrypt it, to see whether a provide password matches it, md5() the new password against the password in the database.

If it is because a user has forgotten their password then you need to authenticate them by username and email address and then send a new randomly generated password to the stored email address. They can then use that to log in and change their password. This is how most sites work.

As Markus said only the password owner - site user, should know the password.

nathj

actually we are transfer our data from mysql to sql server. so there is many account holder already exist with their user name and password. i want to enter same password in sql server. that's why i need to decrypt that passwords

i am using md5() for encryption. so please any idea to decrypt md5() encrypted passwords in php.

The whole point of encrypting passwords is that it is practically impossible to "decrypt" it with another function. I am sure it could be done if the encryption system was known, but that would defeat the whole point of having it.

The only way to find out what an md5()'d password is, is to guess it and compare md5(your guess) to the original string. So unlikely you are going to do that.

If you are moving servers why don't you just encrypt passwords with php and store it in the SQL server? As in why can't you just copy it over and treat it exactly the same? All it means is you can't use MySQL function, but using php should be the same shouldn't it?

TheServant has this spot on. There is no need to decrypt the password. Simply copy the encrypted (more strictly speaking hashed) value from one database to another and carry on as normal.

The hash should be done by PHP, that way the user can specify their own password which is hashed and stored. Then when they use it to log in you take the value entered, hash it and compare tat in the db. This should work regardless of the database - MySQL or SQL Server.

Cheers
nathj

i dont know why but it is not working when same encrypted password is paste on other database. i am trying to find out why it is not working. As i come to know i will post message. but please if you how to decrypt md5() then guide me.

md5() is a hash and therefore cannot be decrypted. However, there are sites that offer look-up tables. they basically have a database of word with the md5 result. This is the best you can hope for.

Mate, you cannot decrypt it like I said. Are you sure your SQL field is a long enough character length for it? Try store an md5()'d term in your new SQL tables and see if that works. If it does then you just have to copy the md5()'d passwords over, but if it doesn't you have an error in your code, SQL table setup, or SQL setup.

waqasahmed996,
Do you have a user table in SQL Server just like you do in MySQL. Or are you trying to do this in the SQL Server Login Properties for the SQL Server Authentication?

thanks for reply

yes i have a table in SQL Server just like in Mysql. there is no issue of SQL Server Authentication