tags:

views:

131

answers:

3
+3  Q: 

Password recovery with sha1 password hashing

I'd like to implement a forgot password function for my website. I hash the passwords using sha1. How would I recover this for the user?

What's the best method for implementing this?

+19  A: 

Short answer, you can't.

You want to implement a password reset function, not a password retrieval function. The whole point of hashing passwords is that you don't get to store the user's password, and you can't recover it if it is lost.

This should give you a rough idea of how to allow users to reset forgotten passwords:

meagar  2010-10-26 17:15:43
not only that he can't do it. more precise he shouldn't be able to do it. otherwise hashing would be useless by definition.
ITroubs  2010-10-26 17:17:06
Darn. I should have gone for the short answer :)
Cameron Skinner  2010-10-26 17:18:15
Thanks for this. So, reset the password makes sense. Thanks!
BigMike  2010-10-26 22:55:44
+4  A: 

The best method is to not attempt to recover the original password. If a user loses their password then generate a new, random one and use an out-of-band method for sending it to them (e.g. email). Remember that the whole point of hashing the password is to prevent recovery.

I know, I know, email is insecure. But if you require users to immediately change the generated password then the risk is mitigated.

By the way, I cannot recommend enough that you also salt the password and iterate the hash to prevent brute-force attacks in the event that an attacker obtains the hashed value.

Cameron Skinner  2010-10-26 17:17:44
+3  A: 

NO

There is no known effective way of reverting a sha1 hash to it's original text (since it's a one way function by design). If you would like to be able to show users their password at a later time, you will have to store it in a method that would be reversible (IE encryption, plaintext). This still is probably a bad idea, try to find a better way of doing it.

Kendall Hopkins  2010-10-26 17:18:40
What's an ineffective way of reverting a sha1 hash? :)
George  2010-10-26 17:22:11
@George Rainbow Tables will work fairly well on short simple passwords, but if the hash is salted or contains symbols, your probably not going to be able to reverse it.
Kendall Hopkins  2010-10-26 17:23:49
@George - brute force :)
Ishtar  2010-10-26 17:24:45
Brute force. Loop through all possible strings of text, hash each, compare to the stored hash. Running time grows exponentially with max string length. 5 characters (letters and numbers) is about the limit of practicality.
Seva Alekseyev  2010-10-26 17:26:12
Thanks for submitting your retrieve password request. An email will be mailed to you with your password in approximately 35 years.
George  2010-10-26 17:27:58

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases