Random string generation

is there any way that i can generate random string from user password and regenerate a password from that random string when a user forgot his/her password in php other than using .MD5?

Take your pick

PHP random string generation - Google Search

When you use MD5, you can’t regenerate the password from the MD5-ed password.
And that’s how it should be.

If a user forgets his password, send him a mail (to his registered email address) with a new random password or a link where he can set a new password.

Do you mean you want two way encrypted strings? If I have understood correctly, for passwords I don’t think that would be good idea. I would recommend using hd5, sha1 functions for password things. You can allow them to reset passwords if they forgot their password. If you really want to two way general string then you can use base64_encode/decode functions.

As others have said, don’t do that. It’s no more secure than storing the passwords in plain text.

As Guido suggests, it’s much better to send them a link where they can set a new password. Make sure the link can only be used once, and make it timeout after a while. E.g. at work, we time the link out after 3 hours (although I’d much prefer to do so after only 15 minutes).