As others suggested, use md5 or one of the mhash functions. You can't
retrieve the password, but you shouldn't need to anyway.
When someone looses their password, get rid of their old one and mail them
their randomly created new one. Then just allow them to change it to
whatever they want.
Make
On Monday 16 April 2001 20:41, you wrote:
> I'm looking for comments on this one. I'm developing a site that
> will have user logins on it. What's the best way to do this? What to
> store, and how?
>
> - Are people more inclined to use a username when they need to log
> in to some
As far as decryption goes, ignore that. When they choose as password Crypt()
it with a seed. Then when the login, Crypt() what they type in with the same
seed and compare to 2. Decrypting means you have the dcryption source lying
around somewhere. A definite scurity problem. Crypt does a great job
3 matches
Mail list logo
