Quote:
Originally Posted by Grandalio
the current password to the registered email address?
|
The way it is currently setup (a salted md5) you can't reverse it. To do this you would have to store the same password during registration somewhere else before it is hashed. No matter how you encrypt this other password you will have to decrypt it somewhere else before its sent back to the email. Doing this you decrease the security in place on the players' accounts, and no one wants that.
Why retrieve your forgotten password when its something that the person obviously can't remember. Instead you give them a different password, and then have them change it to something else (hopefully something they wont forget again).