ayok, Posted May 11, 2008:

Hi, I've got a question about user passwords. What I mean is an admin table (for example) which contains passwords for all admins. I use the password('password') statement to insert a password from a registration form. So for example, if a user has inserted a new password "newpassword", it will show in the MySQL table as *667072648CC4B683F6292F5DB1556. The problem is, how can I view the real password if they forget their own password? Thank you, ayok

mezise, Posted May 11, 2008:

The MySQL PASSWORD() function is one-way encryption. If you did not save the password in an unencoded form somewhere else, or you do not have a powerful enough computer and algorithm to break the encoded password, you cannot view the real password. The common way in such a situation is to send the user a newly generated password by email and allow him to change it himself.

ayok, Posted May 11, 2008:

Hi mezise, Like this forum, if you forget your own password, you can write your email, then the script sends you your password. How can you do that? Should I make two user tables? Is that why we are sometimes asked to retype the password? Thanks, ayok

mezise, Posted May 11, 2008:

Usually when a user registers, he is requested to fill in his email address and password (retyping the password is to be sure that you typed the correct password). Then the application sends an email to the user with a link that activates the user account. The same email is used to send a new password if the user requests it. That is the typical way. To save the email address, just add a new column to the users table.

mjcoco, Posted May 11, 2008:

The easiest way around that is to send a new randomly generated password to the user's email address and force them to change their password on first relogin. Once they have changed their password, re-encrypt and start the process all over (if they forget their password again). I'm sure there is a way around it; I use $md5pass, and that's the only way I know how to get around it.

fenway, Posted May 12, 2008:

PASSWORD() is not meant for public use -- it's MySQL's internal hash algorithm. Use MD5() or equivalent instead.

mezise, Posted May 12, 2008:

If we go into this subject, SHA1() is an even more secure replacement.
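
The reset flow described in the replies above (send a newly generated password, force a change at the next login), as an added example that is not from any poster. It stores the password with PHP's password_hash() rather than the MySQL functions named in the thread; the table name, column names, sample account and the in-memory SQLite database standing in for the MySQL admin table are assumptions.

```php
<?php
// Added illustration: table and column names are assumptions, and an
// in-memory SQLite database stands in for the MySQL admin table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE admins (
    email TEXT PRIMARY KEY,
    pass_hash TEXT NOT NULL,
    must_change INTEGER NOT NULL DEFAULT 0
)');

// Store only a salted one-way hash; the plain text is never written.
function setPassword(PDO $db, string $email, string $plain, bool $mustChange): void {
    $stmt = $db->prepare('UPDATE admins SET pass_hash = ?, must_change = ? WHERE email = ?');
    $stmt->execute([password_hash($plain, PASSWORD_DEFAULT), (int) $mustChange, $email]);
}

// Forgotten password: issue a random temporary one and flag the account.
// The caller e-mails the return value; it cannot be read back afterwards.
function resetPassword(PDO $db, string $email): string {
    $temp = bin2hex(random_bytes(8)); // 16 hex characters from the CSPRNG
    setPassword($db, $email, $temp, true);
    return $temp;
}

// Returns 'denied', 'change_required' or 'ok'.
function login(PDO $db, string $email, string $plain): string {
    $stmt = $db->prepare('SELECT pass_hash, must_change FROM admins WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$row || !password_verify($plain, $row['pass_hash'])) {
        return 'denied';
    }
    return $row['must_change'] ? 'change_required' : 'ok';
}

// Constructed sample account.
$db->prepare('INSERT INTO admins (email, pass_hash) VALUES (?, ?)')
   ->execute(['admin@example.com', password_hash('newpassword', PASSWORD_DEFAULT)]);

$temp = resetPassword($db, 'admin@example.com');          // value to e-mail
var_dump(login($db, 'admin@example.com', 'newpassword')); // try the old password
var_dump(login($db, 'admin@example.com', $temp));         // try the temporary one
setPassword($db, 'admin@example.com', 'chosen-by-user', false); // forced change done
var_dump(login($db, 'admin@example.com', 'chosen-by-user'));
```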