Jump to content

Forgotten Password?


Wolphie

Recommended Posts

I don't really understand how this works.

When somebody clicks on "Forgotten Password" and then enter their e-mail address, in my case is the MD5 hash encryption decrypted and then sent via e-mail? If so how would i decrypt the MD5 hash? If not, what other method is there?

Link to comment
https://forums.phpfreaks.com/topic/77757-forgotten-password/
Share on other sites

You could build a lookup table or use a pre-built one such as http://www.md5decrypter.com/ or http://www.md5encryption.com/.

 

An extra point is you can add a salt (extra stuff) when doing your hash sum, there's a pretty current thread discussing this at the mo...http://www.phpfreaks.com/forums/index.php/topic,168037.0.html. By using a salt prevents someone from using a 'standard' pre-built lookup table, this would assume someone had access to your password hash table for your sites users.

Link to comment
https://forums.phpfreaks.com/topic/77757-forgotten-password/#findComment-393643
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.