Prashant Tiwari wrote:> Hi,
> I am using acts_as_athenticated plugin for my rails application. That
> plugin is using "SHA1" algorithm to encrypt password & stroe
it into
> database. Now in future suppose user requsted his password through
> email, hhow should I decrypt that password in my application & for
> sending it through mail?
>
> Please help me.
> I am trying this since last 2 days. But still not succeeded.
>
> Thanx in advance for ur help.
> Prash
>
>
SHA1 is a hash algorithm, it can''t be decrypted. In your application,
a
user''s password is verified by hashing the submitted password with SHA1
algorithm and comparing this value with the stored SHA1 hash value. It
is never decrypted. If you want to email a password to your user, set a
new one, that they optionnaly can change after the next login.
Please also note that emailing password is just not secure (email is
sent in clear text over the network), although it is common practice...
But so is logging in without SSL, which is also common.
--
----------------------------------------------------------------------
Yannick Majoros http://www.inma.ucl.ac.be/~majoros
Informaticien UCL/INMA-MEMA
4, avenue G. Lema?tre
B-1348 Louvain-la-Neuve
Tel: +32-10-47.80.10
Fax: +32-10-47.21.80
----------------------------------------------------------------------
Mon calendrier en ligne : http://www.inma.ucl.ac.be/~majoros/calendar
Accents bizarre ? http://www.inma.ucl.ac.be/~majoros/email.html
----------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3403 bytes
Desc: S/MIME Cryptographic Signature
Url :
http://wrath.rubyonrails.org/pipermail/rails/attachments/20060609/67fe6ace/smime.bin