Forum OpenACS Q&A: Retreive Passwords

Collapse
Posted by Samer Abukhait on
Is there a way to retrieve the current encrypted password (using the
ns_sha1), so as to use it in a forgotten password form, or the way is
only not to encrypt it originally??
Collapse
Posted by Simos Gabrielidis on
SHA is a one-way hash function, so it is difficult to compute the plain-text from the cipher (encrypted) text. You may try to automatically generate a new password and email this password instead. Another alternative is to not encrypt it, if you do not mind storing plain-text passwords in your database.