开发者

Get back computed hash value when using SHA512Managed

开发者 https://www.devze.com 2023-03-14 20:01 出处:网络
this may sound non sense, actually in may application I use to store password string in DB by computi开发者_开发问答ng to hash using SHA512Managed, I am writing a utility using which an admin can send

this may sound non sense, actually in may application I use to store password string in DB by computi开发者_开发问答ng to hash using SHA512Managed, I am writing a utility using which an admin can send mails to users using that EmailAddress and Password, but I can't pass that coputed value as a password to SMTP. is there any way to solve this?

Or a better cryptogarphy way?

Or any way to send mail in this condition?

Thanx


You cant, SHA512 I believe is not possible to be decrypted, which is why it is used.

All you can do is keep some form of data on your users aka, secret questions, and they must match them and then it will send them a new password.

Any properly encrypted password is not abled to be decrypted


You should NOT be using OR sending your users password, or even a simple hash of that, for that matter.

If you want to enable password reset, you should hand the users a TOKEN (which is NOT the hash of anyone's password). This token should be separately stored in a table and should have a set expiry.

You can use any kind of cryptographic hash (SHA512 is just fine) to 'encode' special information.

--- I fully missed what you meant by 'I cannot...as a password to SMTP'

If you need the original password of your users to even send mail, than - well that is twisted. Perhaps you could elaborate/explain this part


SHA-512 is a one-way hash, meaning you can't take the hash value and determine what string/value was used to generate that hash. Technically, there can be an infinite number of strings/values that would generate the same hash.

If you want to be able to get the value back, you should use encryption, not hashing.

0

精彩评论

暂无评论...
验证码 换一张
取 消