asp:PasswordRecovery - show password on screen

Hi
I'm developing an intranet where a lot of users dont have an email address so i need to do a password recovery by asking them their security question, and then reveal the password on screen

Is this possible ?
I'm really after the code or a tutorial that shows how to do this
i've looked and all i can find are the standard tutorials that email the password

Thanks
websssAsked:
Who is Participating?
 
Nicholas FordConnect With a Mentor Commented:
As it is encrypted, you can not feasibly retrieve the original email.  All you can do is take user input, hash it using the salt (using the same/original hashing function) and compare the resulting hash with what's stored in the database.

So for forgotten passwords you will need to have users reset their password after passing the security question.  You can do this either way (immediately on the page or by sending a link via email).  The best way would be considered to email the link so that it's more likely that the user is the one resetting the password.
0
 
Nicholas FordCommented:
If they send the password via email, just change the script so that instead of sending the email it displays the result on the page.  Remember, the only way to show a users password again is if it's not stored in an encrypted format (i.e., MD5 hash).
0
 
websssAuthor Commented:
it's encrupted
I can see salt etc in the DB

so is my only option an email?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.