mysql PASSWORD function

[steijssen]

Hello gurus!

I have a tough question here: I have a table containing passwords, and they're all encrypted using the mysql PASSWORD function. You know, in a query, PASSWORD("mypass&quot. Now the question is, how can I retrieve the password in textformat so it can be used in my page where users can retrieve their password if they lost it?

Thank you ver much,
Stijn Teijssen

http://www.lidiumonline.com/

http://www.miade.com/

 

[skiflyer]

I'm not expert... but the short answer is no.

Those type of password schemes are one way encryption, their value is to prevent exactly what you're trying to do.

That is it protects the system in case someone gets the password database.

So basically short of running a dictionary attack and getting lucky, no.

-Rob

 

[sleipnir214]

skiflyer is correct.

MySQL's password() function technically does not encrypt text strings. It hashes them.

I recommend that you set the password to a known new value (passing that value, of course, through MySQL's password() function) and give that new password to your user. Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!