Password Encryption Email Script

This script allows for a password to be sent to the end-user by email or a token link with set expiration. It uses 128bit AES and SHA256 encryption. An optional key phrase or word can be used as a secondary security measure. It uses SQL to store the password and token, never in plain text. Option to require https when opened.

Case Usage Example

A.) Help desk receives a call from a technician on a remote work site that needs access to the modem/router. It is against policy to verbally speak or transmit a password in plain text. Help desk would enter the end user's email address, it will encrypt the password and send a link token to the end user with an expiration of 1 hour. The end user would open this link, password will be decrypted and shown. As an extra optional measure, help desk can communicate the optional key phrase, word or numbers as 2-factor authentication.

• Designed for Apache servers
• Microsoft Server IIS compatible with plugin URL Rewrite
• MySQL 5.7 or higher, PHP 7.3 or higher

It's a simple process but it does take about 15 minutes. Detailed instructions are included in the file but here is how simple it is:

1. Create a SQL database. SQL script included to simplify it.
2. Configure config.php (set SQL, email port and host)
3. Configure htpasswd with hashed data to connect to SQL db and email.
4. Store decryption_functions.php
5. Configure password_sender.php (Set paths)
6. Configure retrieve_password.php. (Set paths)
7. Set file permissions

File Contents

• instructions.txt
• template.html (optional for website integration)
• config.php
• decryption_functions.php
• password_sender.php
• retrieve_password.php
• htpasswd
• hash-username-and-password-script (optional)

A donation is always appreciated in crypto. It took about 18 hours to write and debug.

Note: I'm available for remote hire or contract. Please use contact link in the menu. No phone app development.