Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Sep 2011
    Posts
    345
    Thanks
    38
    Thanked 0 Times in 0 Posts

    Forgot password in login form!

    I have coded a registration and login form, including a Forgot Password link if the user has forgotten his password.

    I have an issue here..and also want to know something... Ok, let me explain, all the users passwords are hashed by MD5 in the database....

    When the user will forgot his password, he will insert only his email, then the password will be sent to him by email. But, the password is hashed using MD5, so it appears as hashed in the email when he will get.

    Question: How to make the password readable in the email?

    Now, let's come to the second part, I want to know something, if I make the user create a new password, can I do it with the UPDATE query of MySQL? I mean when he will write his new password, this will update the previous password in the database...

    Thank you!

  • #2
    Regular Coder
    Join Date
    Jan 2012
    Posts
    134
    Thanks
    0
    Thanked 32 Times in 32 Posts
    Hashing algorithms like MD5 are by nature one-way. You can't un-hash a password, nor would you want to send it plain text through email because email is not secure.

    As you said, you'll have to have the user change their password. Using some other means of verification, verify who the user is and then send them a "reset password" link. You can then use an update query to change the password on their account.

  • #3
    Regular Coder
    Join Date
    Sep 2011
    Posts
    345
    Thanks
    38
    Thanked 0 Times in 0 Posts
    Ok then, I will use the method of update password. Its better.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •