All geek questions in one place

How to display a salty password as a string

I have the code below where it contains the salt password:

$pass = rand(); $pass = md5($pass); $pass = substr($pass, 0, 15); $pass = md5(md5("g3f".$pass."rt4"));

Now, if I echo $ pass, then it will output this, for example:

 8723d9c8a8b2af798be25fd07ab0ff0a

But what I want to do is echo the password itself, so, for example, instead of displaying above, a line that is the "password" will be displayed.

How can this be achieved?

thanks

+4
source share
3 answers

Do not overwrite the $pass variable;

  $pass = rand(); $md5pass = md5($pass); $md5pass = substr($md5pass, 0, 15); $md5pass = md5(md5("g3f".$md5pass."rt4"));

MD5 hashing especially with salt is a one-way process. You cannot cancel it.

Any good password system does not save the original password, but saves a hashed copy, then checks to see if the user entered it correctly by hashing their input and comparing the two.

0
source

You can not. Hashing is a one-way street. If you want to hide the line that should be shown later, you will need to use encryption. However, this is a taboo when it comes to passwords.

To solve the second part of the question, you should NEVER send user passwords by email. Implement a server solution (for example, use security issues + checking their email), and after authentication, allow users to change their passwords directly on the website.

Oh, and one more thing - forget about MD5 !!!!

+10
source 
  $pass = rand(); $originalPass = $pass; $pass = md5($pass); $pass = substr($pass, 0, 15); $pass = md5(md5("g3f".$pass."rt4")); echo $originalPass;

or

  $pass = rand(); echo $pass; $pass = md5($pass); $pass = substr($pass, 0, 15); $pass = md5(md5("g3f".$pass."rt4"));
0
source

Source: https://habr.com/ru/post/1438659/

More articles:


All Articles