- Impact
- 8
This is the situation,
I use md5() to hash user passwords, and I save the md5() result in the password field in my database.
Now, I want to give the users the option to recover their passwords (receive it by email). They are receiving the hashed password, something like: 64e4784baced6bdb9adef61a1edaf023
Is there a way to unhash the string so that they receive a password that makes sense?
Any ideas?
Thanks
I use md5() to hash user passwords, and I save the md5() result in the password field in my database.
Now, I want to give the users the option to recover their passwords (receive it by email). They are receiving the hashed password, something like: 64e4784baced6bdb9adef61a1edaf023
Is there a way to unhash the string so that they receive a password that makes sense?
Any ideas?
Thanks