Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

base 64 de-crypt 1

Status
Not open for further replies.

bluesauceuk

Programmer
Jan 1, 2001
73
GB
I have been storing passwords in my database like so...

<cfset enc_password = ToBase64(Encrypt(form.password, form.password))>

No for the world of me I can't figure out how to reverse it... I am making a password reminder that is emailed - which is done - the only thing is how do I convert the string back to it original value?

What's confusing me is that the key is the same as the password.

Can anyone help?

Thanks
 
why would you want to convert a password back to a simple text string?

if you want to compair the two, just encript the users form entry and compair both encrypted versions.

That's how you would use Hash() too, you can't reverse it.

If you want to change the password or if the user forgets the password, reset it to a default value like "password" or the same as the users name. when the user logs in check to see if the password is the default and prompt them to change it.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
-Douglas Adams (1952-2001)
 
That's how I compare for a login... but I don't need that

I need to send it back to the user... as it is a password.. but needs to be in plain text... the gobbledegook... will not help them remember.

All the logic is great - just can't quite work out how to convert it back..

Any help will be appreciated.

Mark
 
I don't want to reset the password... I just want to send the original..
 
is this if they forget it or when the register?

if it is when the register just email it to them prior to encrypting it

but here is info on encrypt() and decrypt() from live docs

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
-Douglas Adams (1952-2001)
 
It is a password reminder (forget it!) - the password is encrypted - using the above method. I need to email them the original password.. the password is stored in the database... something like...

letmein gives Jz1KWjJCRSk1TjAgIAo=

Have you any idea how to reverse this fuction? .....

Code:
<cfset enc_password = ToBase64(Encrypt(form.password, form.password))>

where form.password (plain txt) and enc_password (encrypted)

If form.password was "letmein"
enc_password becomes "Jz1KWjJCRSk1TjAgIAo="

A this is driving me nuts!
 
Well, I don't really see any way to decrypt it. Since the "key" you used to encrypt it was the password before it was encrypted, but now that it's encrypted there's no longer a record of it before encryption to use as the key for decryption, right? [sadeyes]

What you need to do is set up one "key" to be used for the encryption/decryption of all passwords. Or if you want it to be unique to each user, you let it be their username and maybe add some numbers to it or something.

But as you currently have it set up, I don't think you can do it. You have encrypted the only value able to decrypt the password.



Hope This Helps!

Ecobb
Beer Consumption Analyst

"My work is a game, a very serious game." - M.C. Escher
 
i am going to encript them using the username as the key!
 
you said:
Have you any idea how to reverse this fuction?

yes as i posted before

here is info on encrypt() and decrypt() from live docs

decrypt() being how to reverse.

No need to get pissy at me if your not going read the info i posted for you. I understand you're frustrated, but get a grip.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
-Douglas Adams (1952-2001)
 
good job ecobb star for you.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
-Douglas Adams (1952-2001)
 
I am sorry - got a deadline - and I was in a panic - I am not getting pissy!

I have given you both a star... ecobb I thought was bombboy, when I starred it - but both thank-you for your valued effort and I appreciate it..

Now I am off to sort out more headaches...

Thanks
 
Not a problem.

you do not need toBase64() that's more for storing binary data as a string to put it into a db. your encrypted password is already a string.

according to livedocs in order to make a string that toBase64 was used on back to a string you have to convert it to binary data then use tostring to make it a string again.

liveDocs said:
Base64 lets you store binary objects in a database.

Note: To reverse Base64 encoding of a string, you can convert it to a binary object, then convert the binary object to a string, using the toString function.

Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.
-Douglas Adams (1952-2001)
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top