How to decrypt Hash Password in Laravel

Question

I have google this alot, but unfortunatilty found no working solution.

I know its a bad technique, but I need to send user its password by email.

I have manage to sent user Hash password, but i am unable to decrypt this password.

The following is the procedure i am using.

    $results = DB::select("select * from dockl_users where email='" . Input::get('email')  ."';");                        foreach($results as $data){                 $password=          $data->password;                 $email=             $data->email;                 }              Mail::send('passwordRecovery', array('email' =>$password), function($message)             {                 $message->to(Input::get('email') )->subject('Password Recovery');             }); 

The above code send Encrypted password to the user by email but when i try to decrypt, it gives me following error message.

$decrypt= Crypt::decrypt($data->password);   

Invalid data.

throw new DecryptException("Invalid data."); 

Kindly guide me how to achieve this..

Answer 1

Short answer is that you don't 'decrypt' the password (because it's not encrypted - it's hashed).

The long answer is that you shouldn't send the user their password by email, or any other way. If the user has forgotten their password, you should send them a password reset email, and allow them to change their password on your website.

Laravel has most of this functionality built in (see the Laravel documentation - I'm not going to replicate it all here. Also available for versions 4.2 and 5.0 of Laravel).

For further reading, check out this 'blogoverflow' post: Why passwords should be hashed.