Rails - May 2006 - Undoing a SHA1

Hello for my password recovery system I want to recover the users 
password and send it to them. In the DB its saved via SHA1 (login 
generator)

-- 
Posted via http://www.ruby-forum.com/.

I may be wrong on this but I believe that SHA1 is (for the most part)
unrecoverable. I would suggest that you create a random password
generator.... change the password and email it to the user.


On 5/11/06, Mohammad <fake@fakes.com> wrote:
> Hello for my password recovery system I want to recover the users
> password and send it to them. In the DB its saved via SHA1 (login
> generator)
>
> --
> Posted via http://www.ruby-forum.com/.
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>

any one know what the code for generating a random password would be?

-- 
Posted via http://www.ruby-forum.com/.

Try this:

  def random_string(len)
    code_array=[]
    chars = (''a''..''z'').to_a -
[''a'',''e'',''i'',''o'',''u'']
    1.upto(len) {code_array << chars[rand(chars.length)]}
    code_array
  end


Rodrigo Dominguez
?
Iplan Networks ???????????????Datos Personales
rdominguez@iplan.com.ar ??????rorra@rorra.com.ar
www.iplan.com.ar ?????????????www.rorra.com.ar
5031-6303 ????????????????????15-5695-6027


-----Mensaje original-----
De: rails-bounces@lists.rubyonrails.org
[mailto:rails-bounces@lists.rubyonrails.org] En nombre de Mohammad
Enviado el: Jueves, 11 de Mayo de 2006 05:55 p.m.
Para: rails@lists.rubyonrails.org
Asunto: [Rails] Re: Undoing a SHA1

any one know what the code for generating a random password would be?

-- 
Posted via http://www.ruby-forum.com/.
_______________________________________________
Rails mailing list
Rails@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails

On 5/12/06, Mohammad <name.goes.here44@gmail.com>
wrote:
> any one know what the code for generating a random password would be?
something along the lines of

pwlen = rand(6)+3
pw = (0..pwlen).map { rand(96)+32 }.join('''')

martin

On May 11, 2006, at 1:59 PM, Martin DeMello wrote:
> On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote:
>> any one know what the code for generating a random password would be?
>
> something along the lines of
>
> pwlen = rand(6)+3
> pw = (0..pwlen).map { rand(96)+32 }.join('''')
Nice, but doesn''t work, missing character conversion.

Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr }.join('''')

Try this:
[Array.new(6){rand(256).chr}.join].pack("m")[0..7]

On 5/12/06, Tom Mornini <tmornini@infomania.com>
wrote:
> On May 11, 2006, at 1:59 PM, Martin DeMello wrote:
>
> > On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote:
> >> any one know what the code for generating a random password would
be?
> >
> > something along the lines of
> >
> > pwlen = rand(6)+3
> > pw = (0..pwlen).map { rand(96)+32 }.join('''')
>
> Nice, but doesn''t work, missing character conversion.
oops - yes, that''ll teach me not to type code straight into the browser
window
>
> Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr
}.join('''')
You don''t need the to_i - rand returns an integer if given a nonzero
argument. From ri:

------------------------------------------------------------ Kernel#rand
     rand(max=0)    => number
------------------------------------------------------------------------
     Converts max to an integer using max1 = max.to_i.abs. If the
     result is zero, returns a pseudorandom floating point number
     greater than or equal to 0.0 and less than 1.0. Otherwise, returns
     a pseudorandom integer greater than or equal to zero and less than
     max1.

martin

On May 11, 2006, at 4:05 PM, Martin DeMello wrote:
> On 5/12/06, Tom Mornini <tmornini@infomania.com> wrote:
>> On May 11, 2006, at 1:59 PM, Martin DeMello wrote:
>>
>> > On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote:
>> >> any one know what the code for generating a random password  
>> would be?
>> >
>> > something along the lines of
>> >
>> > pwlen = rand(6)+3
>> > pw = (0..pwlen).map { rand(96)+32 }.join('''')
>>
>> Nice, but doesn''t work, missing character conversion.
>
> oops - yes, that''ll teach me not to type code straight into the  
> browser window
>
>> Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr
}.join('''')
>
> You don''t need the to_i - rand returns an integer if given a
nonzero
> argument. From ri:
Cool. Thanks for the tip!

-- 
-- Tom Mornini

>>>>> "Brian" == Brian Hogan <bphogan@gmail.com>
writes:
> I may be wrong on this but I believe that SHA1 is (for the most part)
> unrecoverable.
SHA-1 is a hashing algorithm. This means that it''s _designed_ not to
be reversible. While weaknesses in the algorithm have been found in
the past couple of years, finding data that hashes to a specific given
hash is still in the extremely serious supercomputer range (as in
unless your machine does lots of teraflops and you have months to
spend, don''t even dream about it).
-- 
		     Calle Dybedahl <calle@cyberpomo.com>
		 http://www.livejournal.com/users/cdybedahl/
     "And don''t try to tell us there is no way to go but up,
because the
      truth is, there is *always* more down." -- Gunn, Angel: the Series