freelanceprogrammers.org Forum Index » PHP

View previous topic :: View next topic

How to decrypt password when encrypted with md5()? . can any

attanasio@... Posted: Mon May 16, 2005 3:29 pm

Joined: 19 Mar 2005

Posts: 12

How to decrypt password when encrypted with md5()? . can any

hi why do you want to show the user his/her previous password ?? md5()
provides only encyption, but not decryption. I think you don`t need it
anyway. Just let the user enter his/her password, before saving a new
one .

greets

slickhickus001 Posted: Mon May 16, 2005 3:36 pm

Joined: 09 May 2005

Posts: 6

How to decrypt password when encrypted with md5()? . can any

Hi,

md5 is a one-way digest function - it`s designed not to be decrypted.

Hashing functions are popular as a validation technique as the user
supplies as password which is passed through the digest function. If
this value matches that stored in the database, then the user has
supplied the correct password.

Hashing is useful in that if the database is breached, the cracker
will
not get plain-text passwords, or decrypt in any other fashion.

Hope that helps,
Brian

--- In php-objects@yahoogroups.com, "soha jabeen" <soha_gg@y...>
wrote:
> Dear Friends..
>
> Problem is?
>
> i encrypte the password of the user using md5(). but when i want
update
> the user account and i get the data of the user from the database i
get
> also the encrypted password in a texbox. when i update the data ,
the
> password again encrypted.
> So how i can get the orignal password of the user when he/she enter
at
> the time registration.?
>
> Plz help... Thnx in Advance..

smadaboosi Posted: Mon May 16, 2005 4:59 pm

Joined: 25 Feb 2005

Posts: 10

How to decrypt password when encrypted with md5()? . can any

Hi,

MD5 is a one way encrypting process. The most secured way to allow password
stored in a database is to encrypt it. When updating user profiles, you should
not be updating the passwords. All password updates should be done using a
change password method where the user enters the old password for validating and
enters new passwords, better yet if you are able to build a robust password
change/user authentication process.

As a security mesasure, do not store plain text passwords in the database. I do
not know your application and the critical nature of the application and its
data. But if someone were to audit your application for it would raise a red
flag.

Sesh Madaboosi CISA, CSSA
Coherent Business Solutions LLC
www.cobizsolutions.com

soha jabeen <soha_gg@...> wrote:
Dear Friends..

Problem is?

i encrypte the password of the user using md5(). but when i want update
the user account and i get the data of the user from the database i get
also the encrypted password in a texbox. when i update the data , the
password again encrypted.
So how i can get the orignal password of the user when he/she enter at
the time registration.?

Plz help... Thnx in Advance..

PHP Data object relational mapping generator - http://www.meta-language.net/

---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/

To unsubscribe from this group, send an email to:
php-objects-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

---------------------------------
Discover Yahoo!
Use Yahoo! to plan a weekend, have fun online & more. Check it out!

[Non-text portions of this message have been removed]

danish5041 Posted: Tue May 17, 2005 11:05 pm

Joined: 17 May 2005

Posts: 1

How to decrypt password when encrypted with md5()? . can any

Dear Soha Jabeen,

MD5 encryption is one way encryption. During account management you need
to authenticate user supplied password with databse encrypted password. For this
purpose when u take password with user you encrypt it with MD5 and match the
encrypted hash with encrypted password hash which is stored in Database if both
are matched then its mean user is supplying correct password.

Regards
Danish Usman

soha jabeen <soha_gg@...> wrote:
Dear Friends..

Problem is?

i encrypte the password of the user using md5(). but when i want update
the user account and i get the data of the user from the database i get
also the encrypted password in a texbox. when i update the data , the
password again encrypted.
So how i can get the orignal password of the user when he/she enter at
the time registration.?

Plz help... Thnx in Advance..

PHP Data object relational mapping generator - http://www.meta-language.net/

---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/

To unsubscribe from this group, send an email to:
php-objects-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

---------------------------------
Do you Yahoo!?
Yahoo! Sports - Sign up for Fantasy Baseball.

[Non-text portions of this message have been removed]

anurag_rathod Posted: Mon May 23, 2005 1:19 pm

Joined: 23 May 2005

Posts: 5

How to decrypt password when encrypted with md5()? . can any

MD5 is a oneway traffice...
none can be done to get it back...

On 5/17/05, Danish Usman <danish5041@...> wrote:
> Dear Soha Jabeen,
>
> MD5 encryption is one way encryption. During account management you need
to authenticate user supplied password with databse encrypted password. For this
purpose when u take password with user you encrypt it with MD5 and match the
encrypted hash with encrypted password hash which is stored in Database if both
are matched then its mean user is supplying correct password.
>
> Regards
> Danish Usman
>
> soha jabeen <soha_gg@...> wrote:
> Dear Friends..
>
> Problem is?
>
> i encrypte the password of the user using md5(). but when i want update
> the user account and i get the data of the user from the database i get
> also the encrypted password in a texbox. when i update the data , the
> password again encrypted.
> So how i can get the orignal password of the user when he/she enter at
> the time registration.?
>
> Plz help... Thnx in Advance..
>
>
>
>
>
>
> PHP Data object relational mapping generator - http://www.meta-language.net/
>
>
>
> ---------------------------------
> Yahoo! Groups Links
>
> To visit your group on the web, go to:
> http://groups.yahoo.com/group/php-objects/
>
> To unsubscribe from this group, send an email to:
> php-objects-unsubscribe@yahoogroups.com
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! Sports - Sign up for Fantasy Baseball.
>
> [Non-text portions of this message have been removed]
>
>
>
>
>
> PHP Data object relational mapping generator - http://www.meta-language.net/
> Yahoo! Groups Links
>
>
>
>
>
>
>

vearn2000 Posted: Mon Jun 20, 2005 3:07 pm

Joined: 20 Jun 2005

Posts: 1

How to decrypt password when encrypted with md5()? . can any

that mean u can update all the user`s data except
user`s password. u cannot touch it or it will be
encrypted again. sorry for my grammar bcoz english is
not my native language.
--- anurag rathod <groups.anurag@...> wrote:

> MD5 is a oneway traffice...
> none can be done to get it back...
>
>
> On 5/17/05, Danish Usman <danish5041@...>
> wrote:
> > Dear Soha Jabeen,
> >
> > MD5 encryption is one way encryption. During
> account management you need to authenticate user
> supplied password with databse encrypted password.
> For this purpose when u take password with user you
> encrypt it with MD5 and match the encrypted hash
> with encrypted password hash which is stored in
> Database if both are matched then its mean user is
> supplying correct password.
> >
> > Regards
> > Danish Usman
> >
> > soha jabeen <soha_gg@...> wrote:
> > Dear Friends..
> >
> > Problem is?
> >
> > i encrypte the password of the user using md5().
> but when i want update
> > the user account and i get the data of the user
> from the database i get
> > also the encrypted password in a texbox. when i
> update the data , the
> > password again encrypted.
> > So how i can get the orignal password of the user
> when he/she enter at
> > the time registration.?
> >
> > Plz help... Thnx in Advance..
> >
> >
> >
> >
> >
> >
> > PHP Data object relational mapping generator -
> http://www.meta-language.net/
> >
> >
> >
> > ---------------------------------
> > Yahoo! Groups Links
> >
> > To visit your group on the web, go to:
> > http://groups.yahoo.com/group/php-objects/
> >
> > To unsubscribe from this group, send an email
> to:
> > php-objects-unsubscribe@yahoogroups.com
> >
> > Your use of Yahoo! Groups is subject to the
> Yahoo! Terms of Service.
> >
> >
> >
> > ---------------------------------
> > Do you Yahoo!?
> > Yahoo! Sports - Sign up for Fantasy Baseball.
> >
> > [Non-text portions of this message have been
> removed]
> >
> >
> >
> >
> >
> > PHP Data object relational mapping generator -
> http://www.meta-language.net/
> > Yahoo! Groups Links
> >
> >
> >
> >
> >
> >
> >
>
>
>

get my key here http://geocities.com/vearn2000/key.txt

*************
***********
*********
*******
*****
***
*

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

slickhickus001 Posted: Mon Jun 20, 2005 3:20 pm

Joined: 09 May 2005

Posts: 6

How to decrypt password when encrypted with md5()? . can any

Hi,

That`s correct - unless you make the user specify the original
password again. I like to keep `update personal details` and `update
password` as separate features of my applications. If you require
this all to be done in one script, you must get the user to specify
the password (as your app will only be able to display the
encrypted/hashed version of it). Another way is to add logic to your
script to track changed values and only update values in the database
for those values updated by the user on your web form. Of course,
this gets more tricky if you`re using stored procedures and such like
(you have to tell the database procedure which fields to update).

Brian

--- In php-objects@yahoogroups.com, saad hamid <vearn2000@y...> wrote:
>
> that mean u can update all the user`s data except
> user`s password. u cannot touch it or it will be
> encrypted again. sorry for my grammar bcoz english is
> not my native language.
> --- anurag rathod <groups.anurag@g...> wrote:
>
> > MD5 is a oneway traffice...
> > none can be done to get it back...
> >
> >
> > On 5/17/05, Danish Usman <danish5041@y...>
> > wrote:
> > > Dear Soha Jabeen,
> > >
> > > MD5 encryption is one way encryption. During
> > account management you need to authenticate user
> > supplied password with databse encrypted password.
> > For this purpose when u take password with user you
> > encrypt it with MD5 and match the encrypted hash
> > with encrypted password hash which is stored in
> > Database if both are matched then its mean user is
> > supplying correct password.
> > >
> > > Regards
> > > Danish Usman
> > >
> > > soha jabeen <soha_gg@y...> wrote:
> > > Dear Friends..
> > >
> > > Problem is?
> > >
> > > i encrypte the password of the user using md5().
> > but when i want update
> > > the user account and i get the data of the user
> > from the database i get
> > > also the encrypted password in a texbox. when i
> > update the data , the
> > > password again encrypted.
> > > So how i can get the orignal password of the user
> > when he/she enter at
> > > the time registration.?
> > >
> > > Plz help... Thnx in Advance..
> > >
> > >
> > >
> > >
> > >
> > >
> > > PHP Data object relational mapping generator -
> > http://www.meta-language.net/
> > >
> > >
> > >
> > > ---------------------------------
> > > Yahoo! Groups Links
> > >
> > > To visit your group on the web, go to:
> > > http://groups.yahoo.com/group/php-objects/
> > >
> > > To unsubscribe from this group, send an email
> > to:
> > > php-objects-unsubscribe@yahoogroups.com
> > >
> > > Your use of Yahoo! Groups is subject to the
> > Yahoo! Terms of Service.
> > >
> > >
> > >
> > > ---------------------------------
> > > Do you Yahoo!?
> > > Yahoo! Sports - Sign up for Fantasy Baseball.
> > >
> > > [Non-text portions of this message have been
> > removed]
> > >
> > >
> > >
> > >
> > >
> > > PHP Data object relational mapping generator -
> > http://www.meta-language.net/
> > > Yahoo! Groups Links
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> >
> >
> >
>
>
> get my key here http://geocities.com/vearn2000/key.txt
>
> *************
> ***********
> *********
> *******
> *****
> ***
> *
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com

aila_sib Posted: Mon Jun 20, 2005 5:27 pm

Joined: 05 May 2005

Posts: 7

How to decrypt password when encrypted with md5()? . can any

Hi,

I was writing a simple `log in` page using PHP 4.2.2 and local server APACHE
1.3, and every thing was going great until I tried to test this page on another
computer - another server actully! - with PHP 4.3.6 installed, and got this
message:

Notice: undefined index: userName in C:.... on line 11
Notice: undefined variable: userName in C:.... on line 11

and the same for every variable I`ve used in this page, but it still works ..!
really I don`t understand what`s happening there..!

please, can any one help me?

Aila..

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[Non-text portions of this message have been removed]

vduffaut2000 Posted: Mon Jun 20, 2005 5:39 pm

Joined: 06 May 2005

Posts: 7

How to decrypt password when encrypted with md5()? . can any

Isn`t it undefined empty variables ?

Try to check if you define those variable before using them...

Hope to help

Vincent

-----Message d`origine-----
De : php-objects@yahoogroups.com [mailto:php-objects@yahoogroups.com] De la
part de aila sibai
Envoy� : lundi 20 juin 2005 14:27
� : php-objects@yahoogroups.com
Objet : [php-objects] "undefined variable" message..!

Hi,

I was writing a simple `log in` page using PHP 4.2.2 and local server APACHE
1.3, and every thing was going great until I tried to test this page on
another computer - another server actully! - with PHP 4.3.6 installed, and
got this message:

Notice: undefined index: userName in C:.... on line 11
Notice: undefined variable: userName in C:.... on line 11

and the same for every variable I`ve used in this page, but it still works
..!
really I don`t understand what`s happening there..!

please, can any one help me?

Aila..

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[Non-text portions of this message have been removed]

PHP Data object relational mapping generator - http://www.meta-language.net/

Yahoo! Groups Links

--------------------------------------------------------------------------------
--------------------------------------

Ce message a ete analyse par deux antivirus maintenus � jour en permanence.
Si vous recevez ce message par erreur, merci de nous en avertir et de d�truire
celui-ci.

This message has been scanned by two antivirus constantly updated.
If you receive this message by error, please tell us before destroying it.

vduffaut2000 Posted: Mon Jun 20, 2005 5:39 pm

Joined: 06 May 2005

Posts: 7

How to decrypt password when encrypted with md5()? . can any

slickhickus001 Posted: Mon Jun 20, 2005 5:49 pm

Joined: 09 May 2005

Posts: 6

How to decrypt password when encrypted with md5()? . can any

Hi Aila,

These notices are most likely appearing because of the error
reporting setting (probably E_ALL) in the php.ini file on the new
server. Programming best practice dictates that you should always
initialise your variables before use (to reduce potential security
risks amongst others), but if this is OK by you, and the script still
works, change your error_reporting setting in php.ini (or by using
the error_reporting() function) so that notices are ignored [for
example, to E_ALL & ~E_NOTICE which means all errors except
notices]. For more info, see
http://www.php.net/manual/en/function.error-reporting.php and
http://www.php.net/manual/en/ini.php

Hope that helps,
Brian

--- In php-objects@yahoogroups.com, aila sibai <aila_sib@y...> wrote:
> Hi,
>
> I was writing a simple `log in` page using PHP 4.2.2 and local
server APACHE 1.3, and every thing was going great until I tried to
test this page on another computer - another server actully! - with
PHP 4.3.6 installed, and got this message:
>
> Notice: undefined index: userName in C:.... on line 11
> Notice: undefined variable: userName in C:.... on line 11
>
> and the same for every variable I`ve used in this page, but it
still works ..!
> really I don`t understand what`s happening there..!
>
> please, can any one help me?
>
> Aila..
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> [Non-text portions of this message have been removed]

aila_sib Posted: Mon Jun 20, 2005 5:52 pm

Joined: 05 May 2005

Posts: 7

How to decrypt password when encrypted with md5()? . can any

thank u for responding..

yes they are empty variables, and I`m checking them if they got a value or not,
besides I didn`t got these messages on my local compu with PHP 4.2.2..
so I don`t know where is the wrong thing exactly..!

thank u again..

Vincent Duffaut <vduffaut@...> wrote:
Isn`t it undefined empty variables ?

Try to check if you define those variable before using them...

Hope to help

Vincent

-----Message d`origine-----
De : php-objects@yahoogroups.com [mailto:php-objects@yahoogroups.com] De la
part de aila sibai
Envoy� : lundi 20 juin 2005 14:27
� : php-objects@yahoogroups.com
Objet : [php-objects] "undefined variable" message..!

Hi,

I was writing a simple `log in` page using PHP 4.2.2 and local server APACHE
1.3, and every thing was going great until I tried to test this page on
another computer - another server actully! - with PHP 4.3.6 installed, and
got this message:

Notice: undefined index: userName in C:.... on line 11
Notice: undefined variable: userName in C:.... on line 11

and the same for every variable I`ve used in this page, but it still works
..!
really I don`t understand what`s happening there..!

please, can any one help me?

Aila..

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[Non-text portions of this message have been removed]

PHP Data object relational mapping generator - http://www.meta-language.net/

Yahoo! Groups Links

--------------------------------------------------------------------------------
--------------------------------------

Ce message a ete analyse par deux antivirus maintenus � jour en permanence.
Si vous recevez ce message par erreur, merci de nous en avertir et de d�truire
celui-ci.

This message has been scanned by two antivirus constantly updated.
If you receive this message by error, please tell us before destroying it.

PHP Data object relational mapping generator - http://www.meta-language.net/

---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/

To unsubscribe from this group, send an email to:
php-objects-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

---------------------------------
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football

[Non-text portions of this message have been removed]

aila_sib Posted: Mon Jun 20, 2005 6:16 pm

Joined: 05 May 2005

Posts: 7

How to decrypt password when encrypted with md5()? . can any

thank u Brian..
I`ll chang the settings in the php.ini file, and I think it`ll work..:-)
thank u very much..

Aila..

Brian Hickey <brian.hickey@...> wrote:
Hi Aila,

These notices are most likely appearing because of the error
reporting setting (probably E_ALL) in the php.ini file on the new
server. Programming best practice dictates that you should always
initialise your variables before use (to reduce potential security
risks amongst others), but if this is OK by you, and the script still
works, change your error_reporting setting in php.ini (or by using
the error_reporting() function) so that notices are ignored [for
example, to E_ALL & ~E_NOTICE which means all errors except
notices]. For more info, see
http://www.php.net/manual/en/function.error-reporting.php and
http://www.php.net/manual/en/ini.php

Hope that helps,
Brian

--- In php-objects@yahoogroups.com, aila sibai <aila_sib@y...> wrote:
> Hi,
>
> I was writing a simple `log in` page using PHP 4.2.2 and local
server APACHE 1.3, and every thing was going great until I tried to
test this page on another computer - another server actully! - with
PHP 4.3.6 installed, and got this message:
>
> Notice: undefined index: userName in C:.... on line 11
> Notice: undefined variable: userName in C:.... on line 11
>
> and the same for every variable I`ve used in this page, but it
still works ..!
> really I don`t understand what`s happening there..!
>
> please, can any one help me?
>
> Aila..
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> [Non-text portions of this message have been removed]

PHP Data object relational mapping generator - http://www.meta-language.net/

---------------------------------
Yahoo! Groups Links

To visit your group on the web, go to:
http://groups.yahoo.com/group/php-objects/

To unsubscribe from this group, send an email to:
php-objects-unsubscribe@yahoogroups.com

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[Non-text portions of this message have been removed]

freelanceprogrammers.org Forum Index » PHP

All times are GMT
Page 1 of 1

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Freelace Website Designer - Customer web design and software building.
China Wholesale - Electronics Products
Character Studio - Tutorials and Help