hi i have encrypted password using md5, now my prob is when i want to update a user the password textfield contains an encrypted pword…it should display be the original pword of course, how to do that?
hi i have encrypted password using md5, now my prob is when i want to update a user the password textfield contains an encrypted pword…it should display be the original pword of course, how to do that?
I had this very same question when I started using MD5 to store password.
The whole point of using MD5 hash with a password is that it is a one way operation. If you want to update user password, first have user enter existing value. If MD5 Hash matches value stored, then update stored MD5 hash value to the new passwords hash value. Assumes user is entering password in two "password" fields/controls and you are checking for equality or its a single PW field/edit control that user can see what is typed.
HTH
p.s. I have a similar issue in that if multiple apps use MD5 and then a new once comes along with Unicode support, it kind of upsets things, so I guess its important to pay attention to your database charactersets and collations.
md5() is one way encryption… it means that you cannot get the original password from the hash… that’s why on all the sites that uses an encryption like this… you cannot retrieve your password… you can only set a new one…
Note: more security can be achieved by using SHA1 and a salt per user. Your case may not need it though.