Reverse Hash a Password
Hi everyone,
I can't seem to find information on Google or anywhere about how you reverse hash a password in CakePHP. I am making a "forgotten password" function so that users can enter their email and have their login info sent to them. The problem is, the password in the database is hashed. I want to give the users their unhashed password back.
There is an AuthComponent::password() method which does the opposite, but there doesn't seem to be a method to do what I am wanting to do.
Any ideas?
Thanks!
Asked by cshinnimin, on 6/3/10
2 Answers
In short, you can't. A hash is a one-way function and can't be undone.
Many consider it bad security practice to have a way to recover passwords from a system.
Instead of a password recovery method consider a password reset option. With a verified e-mail address attached to an account, you ask a user three security questions and them e-mail them a one-time password.
Answered by tiberuson 6/3/10
There is no way to "reverse hash" password by design. I would instead suggest that you send an email to the user with a link to reset their password.
Answered by NetersLandreauon 6/3/10
Rating
0
Viewed
320 times
Last Activity
on 6/3/10