Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
One must store the hashed password in the database for security reasons.
If a user does not remember their account password, how can they retrieve it back? I can only share their hashed password at this stage, which is useless to them.
Can you recover the password if it is hashed by md5, sha1 with additional salt?
There is but one simple answer: You cannot.
Well, theoretically you could, but it could take many years per password if they are long enough. After all, that is the point of hashing passwords in the first place: to make the data effectively useless to an attacker (or at least protect the user’s plaintext password, which is sensitive data.)
Just have the site send a “change your password” email containing a link to a page where that user can change his/her password. This is how most professional sites handle this dilemma.