Hello for my password recovery system I want to recover the users password and send it to them. In the DB its saved via SHA1 (login generator) -- Posted via http://www.ruby-forum.com/.
I may be wrong on this but I believe that SHA1 is (for the most part) unrecoverable. I would suggest that you create a random password generator.... change the password and email it to the user. On 5/11/06, Mohammad <fake@fakes.com> wrote:> Hello for my password recovery system I want to recover the users > password and send it to them. In the DB its saved via SHA1 (login > generator) > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
any one know what the code for generating a random password would be? -- Posted via http://www.ruby-forum.com/.
Try this:
def random_string(len)
code_array=[]
chars = (''a''..''z'').to_a -
[''a'',''e'',''i'',''o'',''u'']
1.upto(len) {code_array << chars[rand(chars.length)]}
code_array
end
Rodrigo Dominguez
?
Iplan Networks ???????????????Datos Personales
rdominguez@iplan.com.ar ??????rorra@rorra.com.ar
www.iplan.com.ar ?????????????www.rorra.com.ar
5031-6303 ????????????????????15-5695-6027
-----Mensaje original-----
De: rails-bounces@lists.rubyonrails.org
[mailto:rails-bounces@lists.rubyonrails.org] En nombre de Mohammad
Enviado el: Jueves, 11 de Mayo de 2006 05:55 p.m.
Para: rails@lists.rubyonrails.org
Asunto: [Rails] Re: Undoing a SHA1
any one know what the code for generating a random password would be?
--
Posted via http://www.ruby-forum.com/.
_______________________________________________
Rails mailing list
Rails@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails
On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote:> any one know what the code for generating a random password would be?something along the lines of pwlen = rand(6)+3 pw = (0..pwlen).map { rand(96)+32 }.join('''') martin
On May 11, 2006, at 1:59 PM, Martin DeMello wrote:> On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote: >> any one know what the code for generating a random password would be? > > something along the lines of > > pwlen = rand(6)+3 > pw = (0..pwlen).map { rand(96)+32 }.join('''')Nice, but doesn''t work, missing character conversion. Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr }.join('''')
Try this:
[Array.new(6){rand(256).chr}.join].pack("m")[0..7]
On 5/12/06, Tom Mornini <tmornini@infomania.com> wrote:> On May 11, 2006, at 1:59 PM, Martin DeMello wrote: > > > On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote: > >> any one know what the code for generating a random password would be? > > > > something along the lines of > > > > pwlen = rand(6)+3 > > pw = (0..pwlen).map { rand(96)+32 }.join('''') > > Nice, but doesn''t work, missing character conversion.oops - yes, that''ll teach me not to type code straight into the browser window> > Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr }.join('''')You don''t need the to_i - rand returns an integer if given a nonzero argument. From ri: ------------------------------------------------------------ Kernel#rand rand(max=0) => number ------------------------------------------------------------------------ Converts max to an integer using max1 = max.to_i.abs. If the result is zero, returns a pseudorandom floating point number greater than or equal to 0.0 and less than 1.0. Otherwise, returns a pseudorandom integer greater than or equal to zero and less than max1. martin
On May 11, 2006, at 4:05 PM, Martin DeMello wrote:> On 5/12/06, Tom Mornini <tmornini@infomania.com> wrote: >> On May 11, 2006, at 1:59 PM, Martin DeMello wrote: >> >> > On 5/12/06, Mohammad <name.goes.here44@gmail.com> wrote: >> >> any one know what the code for generating a random password >> would be? >> > >> > something along the lines of >> > >> > pwlen = rand(6)+3 >> > pw = (0..pwlen).map { rand(96)+32 }.join('''') >> >> Nice, but doesn''t work, missing character conversion. > > oops - yes, that''ll teach me not to type code straight into the > browser window > >> Array.new(rand(6).to_i+3) { (rand(96).to_i+32).chr }.join('''') > > You don''t need the to_i - rand returns an integer if given a nonzero > argument. From ri:Cool. Thanks for the tip! -- -- Tom Mornini
>>>>> "Brian" == Brian Hogan <bphogan@gmail.com> writes:> I may be wrong on this but I believe that SHA1 is (for the most part) > unrecoverable.SHA-1 is a hashing algorithm. This means that it''s _designed_ not to be reversible. While weaknesses in the algorithm have been found in the past couple of years, finding data that hashes to a specific given hash is still in the extremely serious supercomputer range (as in unless your machine does lots of teraflops and you have months to spend, don''t even dream about it). -- Calle Dybedahl <calle@cyberpomo.com> http://www.livejournal.com/users/cdybedahl/ "And don''t try to tell us there is no way to go but up, because the truth is, there is *always* more down." -- Gunn, Angel: the Series