| Lee: You don't need to "Decrypt" a 1-way encrypted password. You just need to re-encrypt what the user supplied and compare against the already encrypted password.
So if the admin choose a password, and encrypted it using SHA1 with a Key "CoolBeans12345"... It would spit out a huge string as the password.
Then the user logged in... the application or website would know to encrypt the password that the user supplied with "CoolBeans12345" - now I have that string, compare it against the Admin Password. |