RE: Retrieving SHG Password


#1

The SLG puts the hashed password in the ‘salted_password’ member of the
User model that was generated.

If you want to get the original password text: you can’t. The password
is hashed (not encrypted), and that is not reversible to extract the
original password.

If your user forgets their password, all you can do is let them set a
new one, and the SLG has a bunch of code to send a ‘security token’ to
the user that is, in effect, a temporary password that expires fairly
quickly.


From: Nicholas Van W. [mailto:removed_email_address@domain.invalid]
Sent: Friday, November 25, 2005 2:30 PM
To: removed_email_address@domain.invalid
Subject: [Rails] Retrieving SHG Password

How does one retrive an encryped password generated with the Salted
Login Generator?

Thanks,
Nick