[SOLVED] is there any way to un-md5 the encoded password??

[yami007]

i was wondering on way to un-md5 the password on db to send it back to the user when they claim for it, i cant find it myself 

thank you

[TeNDoLLA]

No not possible, not in any normal way. Some of them might be crackable but thats whole another story.. The idea of md5 hash is that you can hash strings and then compare the hashes but you cant recover it.

[PFMaBiSmAd]

No, md5() is a one way hash. It is not encoding/encryption, so it is not possible to decode/decrypt it.

 

You must use a lost password system where you generate a new one and send it to the user or use a "security question" to allow them to directly enter a new password while on the site.

[Mark Baker]

md5 doesn't encrypypt the password, it hashes it. The difference is that encrypted data can be decrypted to reveal the original value, hashed data cannot.

 

When you hash a password using md5 (or sha1, or other hashing algorithm) you can't recover the original password. If the user forgets their password, you generate a new password for them, and let them know what that new password is.... then force them to reset to a password of their choice the next time they log in.

[yami007]

ah thanks guys,

i'll send them a new password then