Possible Duplicates:
I Have md5 encrypted password, how to give the password to user when he uses “Forgot password”?
PHP:How to send the original password to the user when he clicks forgot password which is encrypted by using md5?
I do not know is it the right way to ask this question but I am implementing my own membership script in PHP and right now, I am stuck with the retrieving the MD5 codes from database. OK, I insert the user info to the database and because of the security issues I encrypted the password before saving it to database but my question is that when I try to create a forget your password stuff, how can I get the unencrypted password from the database. By the way I use MySQL and my question is not about inserting or retrieving data from database, I only ask how can I reverse the MD5 thing. Thanks in advance!
You can’t. MD5 hashes, or hashes in general, are not reversible. That’s exactly the reason why you’re using them in the first place to store passwords, because you do not want the responsibility of knowing the actual password.
Forgot password functionality is implemented by sending an email to the user with a one-time link he has to click on and letting him enter a new password.