On 11/1/06, shidan <[EMAIL PROTECTED]> wrote: > > Hi how can I get a Users password after it has been hashed. Reseting it > is not > good enough due to the nature of the application and how it integrates > with the > rest of the system
You can't. Non-reversibility is the entire purpose of a password hash - hashes are one way trapdoor functions. Your only option would be to add a 'cleartext password' field to a model somewhere, and keep the original password when the user submits it. However, this is a bad idea from a security point of view, as it introduces a point of weakness by which intruders can find the password of other users, and thereby gain access as another user. Yours, Russ Magee %-) --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
