Reputation: 4462
I am implementing a login script that includes the ability to email users their username and password (stored in a MySQL database), in case they have forgotten either. The default behaviour of the script is to send the username and a new password, i.e. a temporary password is generated.
I am wondering if there is a way to just email the current password instead, so that the user wouldn't have to reset it. At the moment the passwords are encrypted, but I can't work out how this is done. The passwords are in the format:
*2D4CE9DDA883E4FBE985A3439D9DCDCBD88367A0
So when I try to send the current password, the encrypted password is sent.
Is there a way to decrypt the password on sending the reminder email, or do I have to leave it as it is?
Thanks,
Nick
Upvotes: 1
Views: 305
Reputation: 2110
The passwords are probably hashed, not encrypted. So no, you can't decrypt them. If they are in fact encrypted, you need the key to decrypt them. In any case, hashing (SHA1 most likely) is the more secure way. Also check out the keyword "salt" in this context.
Just generate a new temporary password for them and force them to change it after the first login. It's the usual way to do it for a good reason. Don't be like some big software companies and value comfort over security.
Upvotes: 4
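The reset flow this answer recommends, as an added example that is not part of the original posts: a random temporary password is stored only as a salted hash, and the account is flagged so the first login forces a change. The in-memory `USERS` dict stands in for the MySQL table, all function and field names are hypothetical, and salted PBKDF2-HMAC-SHA256 is used here in place of the bare SHA1 the answer guesses at.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the users table (hypothetical schema).
USERS = {"nick": {"salt": b"", "pw_hash": b"", "must_change": False}}
ITERATIONS = 200_000  # PBKDF2 work factor; an assumption, tune for your hardware


def hash_password(password: str, salt: bytes) -> bytes:
    """One-way, salted, deliberately slow hash. There is no inverse to 'decrypt'."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def issue_temporary_password(username: str) -> str:
    """Overwrite the stored hash with one for a fresh random password."""
    temp = secrets.token_urlsafe(12)   # CSPRNG, not random.random()
    salt = secrets.token_bytes(16)     # new per-user salt on every reset
    USERS[username].update(
        salt=salt, pw_hash=hash_password(temp, salt), must_change=True
    )
    return temp  # goes into the reminder email; only the hash is stored


def login(username: str, password: str) -> str:
    """Return 'denied', 'change_required' or 'ok'."""
    user = USERS.get(username)
    if user is None or not user["pw_hash"]:
        return "denied"
    candidate = hash_password(password, user["salt"])
    if not hmac.compare_digest(candidate, user["pw_hash"]):  # constant-time compare
        return "denied"
    return "change_required" if user["must_change"] else "ok"


def change_password(username: str, old: str, new: str) -> bool:
    """Accept the temporary password once, then replace it and clear the flag."""
    if login(username, old) == "denied":
        return False
    salt = secrets.token_bytes(16)
    USERS[username].update(
        salt=salt, pw_hash=hash_password(new, salt), must_change=False
    )
    return True
```

Once `change_password` succeeds, the emailed temporary password no longer matches anything in the table, which limits how long a copy sitting in a mailbox stays useful.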
Reputation: 54292
You really shouldn't do this, even if it is possible (which I doubt). Email is extremely insecure, and users tend to reuse passwords:
Just give them a new password like everyone else (and encourage or require them to change it on their next login).
Upvotes: 6