Question:
So after someone registers on the site, I use bcrypt to encrypt their password, which gets stored in the password column of the database. Now if they forgot their password, I want to email them the password so they can log in and change it. How do I reverse the bcrypt encryption to get the original password back?
Answer 1:
Bcrypt is a one-way hash. You cannot decrypt it. What you can do is send them a reset link which, when clicked, will allow them to set a new password.
Answer 2:
You have not understood the fundamental working of bcrypt. If there were a simple reverse function, nobody would use bcrypt any longer. Use a password reset procedure instead of sending plaintext passwords.
Please see the Forgot Password Cheat Sheet.
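A sketch of the reset-link flow both answers recommend, added here as an illustration and not taken from either answer: the server emails a random single-use token and stores only its hash, so the bcrypt hash is never reversed. The function names, the in-memory table and the 15-minute lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime of a reset link

# Constructed in-memory stand-in for a password_resets table:
# user_id -> (SHA-256 hex digest of the token, expiry timestamp)
_reset_table = {}


def _digest(token):
    # The token is high-entropy random data, so a fast hash is enough here;
    # the slow hash (bcrypt) stays reserved for the password itself.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_reset_token(user_id, now=None):
    """Create a token for the emailed link; only its digest is stored."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    # Overwrites any earlier request, so only the newest link works.
    _reset_table[user_id] = (_digest(token), now + TOKEN_TTL_SECONDS)
    return token


def redeem_reset_token(user_id, token, now=None):
    """Return True exactly once for a valid, unexpired token."""
    now = time.time() if now is None else now
    record = _reset_table.get(user_id)
    if record is None:
        return False
    stored_digest, expires_at = record
    if now > expires_at:
        del _reset_table[user_id]  # expired: clean up and refuse
        return False
    if not hmac.compare_digest(stored_digest, _digest(token)):
        return False  # constant-time comparison, wrong token
    del _reset_table[user_id]  # single use: a replayed link fails
    # The caller now bcrypt-hashes the NEW password and replaces the old hash.
    return True
```
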