Member Avatar for rahulkashyap82

Hi,
I am saving the password in the database using SHA-1 encyption. On forgetting the password i have to email the user his old password. But i am not able to decrypt the password saved in the database. Can anybody help me in creating a decryption code in java for the same. looking fwd for quick replies
Thanks
Rahul

  • 2 Contributors
  • 5 Replies
  • 103 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by masijade

Recommended Answers

All 5 Replies

Member Avatar for masijade

Normally, in this situation, you create a new password and send that to the user (and, usually, you only allow that generated password to be used once and force the user to set a new one upon using it).

Member Avatar for rahulkashyap82

Normally, in this situation, you create a new password and send that to the user (and, usually, you only allow that generated password to be used once and force the user to set a new one upon using it).

Thanks but the client requirement is to email the user with their previous password only

Member Avatar for masijade

Well, sorry to tell you this, but SHA-1 is a hash algorithm, it is not meant to be decoded.

Member Avatar for rahulkashyap82

Thanks for your reply, can you provide me some documentation that can help me to convince the client

Member Avatar for masijade

It can still be done, but you can't use a hashing algorithm. The password will have to be encrypted (not hashed), using some other encrytion format and some sort of key will be needed. These sort of method is, normally, not as secure, though.

If you need some sort of documentation, then google for the SHA-1 specs and see what they say about decryption, or simply google for general information about hashing algorithms, of which SHA is one (SHA stands for secure hash algorithm, BTW).

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.