views:

353

answers:

3

How can I decrypt a password string in PHP which was encrypted with crypt?

$salt = substr($_POST['password'], 0, 2);  
$password = crypt($_POST['password'], $salt);

I need to send the original password in a forget password e-mail.

+6  A: 

http://php.net/manual/en/function.crypt.php

crypt — One-way string hashing

there is no reverse operation of crypt. The best you can - reset password and send it to user.

Andrey
+2  A: 

This is probably not the answer you are looking for, but this is just a more security wise practice.

Password should be One Way Hashed, when the user ask for a new Password, you should send him a temporary random password that he will change on next login.

Michael B.
+1  A: 

1) you can use symmetric encryption instead of hash (crypt function is hash) - in this way you would have possibility to decrypt it.

2) usually sites services create special link and mail it to user. By this link we have page where we can change password. It is more safe way to store passwords.

STEVER