From: Mogens Melander
Date: August 18 2007 9:23pm
Subject: Re: Password storage
List-Archive: http://lists.mysql.com/mysql/208627
Message-Id: <3916.90.184.17.152.1187472202.squirrel@mail.fumlersoft.dk>
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit


On Sat, August 18, 2007 20:17, Mike Aubury wrote:
> But you can use it for passwords (ask Unix)...
>
> You can't decode what the original password was, but you can encode the
> password they typed in and check the two hashes match - if they do - the
> chances are that the original passwords match (the odds against are huge!)

Well, i got the impression that OP wanted to retrieve the cleartext
string, but i could be wrong.

> On Saturday 18 August 2007 16:19, Mogens Melander wrote:
>
>> MD5() is not an encryption function. The MySQL manual states:
>>

-- 
Later

Mogens Melander
+45 40 85 71 38
+66 870 133 224



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.