i have created a login page and im thinking of using password encrytion in the database.
but wats the best way to use it beside md5
because that md5 cannot decrypt if im not wrong,which is important to me as if someone have lost their password, i can sent the password to him thru email.

    I use md5. If someone losts password, i just generate a new one and send it to him by mail...

      load me on the generate a new one boat but I generate them like this

      <?php
function gen_pass() {
    $key = array();
    $sizes = array('huge','large','big','average','normal','small','tiny');
    $colors = array('red','orange','yellow','green','blue','indigo','violet');
    $animals = array('cat','dog','fish','mouse','rat','hamster','feret','moose',
                     'whale','shark','termite','snake','bear','fox','goose','duck',
                     'rabbit','mole','deer','racoon','spider','elephant','elk','dingo');
    $i1 = rand(0,6);
    $i2 = rand(0,6);
    $i3 = rand(0,24);
    $pswrd = $sizes[$i1] . '_' . $colors[$i2] . '_' . $animals[$i3];
    return $pswrd;
}
?>

        security wise you will want to use md5. an intruder could hijack the table and basicly have all of your users passwords and most likely usernames.

        the best way is to have an update page for your users and generate temporary passwords for them to enter and update their passwords themselves.

          Write a Reply...