protecting passwords?

Adamthenewbie

I would like to encrypt passwords people give by using PASSWORD() in the SQL Statement before I insert the users information into the user table.

It works fine but my problem is if someone forgets their password, is there an easy way to decrypt it and send it to them over email?? I already have it set up to send an email to them I just cant figure out how to decrypt there password. Anyway maybe you can’t even do this because if you can decrypt a password that easy what would the point be to encrypt it in the first place.. Anyway I am a little confused. What should I do to protect Users passwords?

bastien

Use MD5 to encrypt (really its a hash) and its one way only.

When a user forgets their password, simply have a function that will replace the password with some random password and email the user with that new password...much safer