问题
So after someone registers on the site, I use bcrypt to encrypt their password which gets stored in the password column of the database. Now if they forgot their password, I want to email them the password so they can login and change it. How do I reverse the bcrypt encryption to get the original password back?
回答1:
Bcrypt is a one-way hash. You cannot decrypt it. What you can do is send them a reset link which, when clicked, will allow them to set a new password.
回答2:
You have not understood the fundamental working of bcrypt. If there would be a simple reverse function, nobody would use bcrypt any longer. Use a password reset procedure instead of sending plaintext passwords.
Please see the Forgot Password Cheat Sheet.
来源:https://stackoverflow.com/questions/13084728/php-bcrypt-retrieve-password