> -----Original Message----- > From: JeRRy [mailto:jusa_98@yahoo.com] > Sent: Tuesday, June 24, 2003 9:50 AM > To: bbonkosk@tampabay.rr.com; php-db@lists.php.net > Subject: Re: md5 question! > > So with md5 I can > retrieve the passwords back to the user if they lose > them via email. No, you can't. You'll need to generate a new password, md5 it, store it & mark it expired, timestamp it so it's only valid for, say, 30 minutes, email it, and finally, force the person to choose a new password when they sign in. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
