tags:

views:

188

answers:

1
+1  Q: 

Codeigniter return password in profile?

(This is for a codeigniter project) I'm developing a user-profile page, that lists the user's profile very similarly to Stackoverflow's profile page.

I have a simple echo command in the view file:

<? echo $members->row()->password?>

This displays the md5 string. (I'm not too familiar with terms--I'm a beginner).

How can I display the password (like a password field) in the correct form?

+2  A: 

This is the whole point of MD5, you can't decrypt. You can only match encrypted strings together to see if they are equal.

Wikipedia: MD5

Wil  2010-01-26 20:35:03
Hahaha...okay. :) Would you just recommend having an "edit password" link?
Kevin Brown  2010-01-26 20:36:51
Depends on how you want to do it. If you are sold on MD5, then you need to provide a "Reset Password" link where that functionality only allows you to create a new password after some kind of verification process (usually email)
Wil  2010-01-26 20:40:22
Thanks for the info!
Kevin Brown  2010-01-26 20:58:31
No problem, good luck!
Wil  2010-01-26 21:01:04
You shouldnt just use md5. You should introduce a salt into the md5 also. See here http://en.wikipedia.org/wiki/Salt_%28cryptography%29 and here http://www.richardlord.net/blog/php-password-security
Tom Schlick  2010-01-27 02:37:17

related questions

What are some good security questions?
What's a good alternative to security questions?
Protect embedded password
How do you generate passwords?
Should I impose a maximum length on passwords?
How best to generate a random string in Ruby
What is the best way to check the strength of a password?
In a client-server application: How to send to the DB the user's application password?
How does your company manage credentials?
Replacing plain text password for app
How to implement password protection for individual files?
Password generation, best practice
Unique key generation
Generating Random Passwords
Oracle lost sysdba password
How does one decrypt a PDF with an owner password, but no user password?
Storing Windows passwords.
How do I avoid having the database password stored in plaintext in sourcecode?
How do I write Firefox add-on that automatically enters proxy passwords?
How to store passwords in Winforms application?
Two-way password encryption without ssl
Disable browser 'Save Password' functionality
Simple password encryption
Best way to store a database password in a startup script / config file?
Encrypting Passwords