Decrypt

A

Aamir Mahmood

why do you want to decrypt it? have you forgotten it :)

if you just want to check the incoming password then just encrypt that too,
and compare the two encrypted versions.

-
AM
 
G

Guest

MD5 is a hashing algorighm. This is a one-way encrypt. You cannot decrypt
this password. Only thing you can do is use the same hashing function you
used to hash the password the first time..then compare it to the hashed
password to the one stored in the database. This article explains this in
the Limitations of Storing Encrypted Passwords in the Database section
 
J

Jeff Louie

Vishal... I think you must have misunderstood the purpose of the MD5
algorithm. It is designed to create a "message digest". This allows you
to
verify a password without actually storing the password on the server.
As
such, it is a one way algorithm, designed to make it difficult to
compute the
original password from the message digest. For example, a crude method
would be to XOR all of the bytes in a password and store the result on
the
server creating a crude message digest.

Regards,
Jeff
I used this article
Click to expand...
(http://aspnet.4guysfromrolla.com/articles/103002-
1.2.aspx) to encrypt my password. Now I need to decrypt
the password again to a string. Is that possible, if so
how?<
 
V

Vishal

Thanks to all for the reply. Yes I somehow misunderstood
the MD5 algorithms. I overread that it is a one way
encryption. Can anybody tell me which encryption is used
for two-way? So that I can encrypt/decrypt the passwords?

Thanks
 
J

Jeff Louie

Vishal... RC4 and DES are examples of two way algorithms. The .NET
cryptograhpy API has two way algorithms, but it is _not_ recommended
that you store the encrypted passwords on the server. If someone
compromises the server they can decrypt them. If you only store
hashcodes on the server, it will be difficult to recreate the password
table. In fact, don't just hash the passwords, but combine the password
with a random "salt" --> hash the result and store the hash and random
salt on the server. To verify the user's credentials, take the users
input, add it to the stored random salt --> hash the result and compare
it to the stored hash.

Regards,
Jeff
Can anybody tell me which encryption is used
Click to expand...
for two-way? So that I can encrypt/decrypt the passwords?<
 
B

Ben Amada

Vishal,

I understand that decrypting passwords is important -- you might have a user
who lost their password and needs to be reminded what their password is --
among other scenarios where decryption is necessary. Have a look at this
example (VB.NET example starts in the middle of the page):

How To: Encrypt and Decrypt Data Using a Symmetric (Rijndael) Key
(C#/VB.NET)
http://www.obviex.com/samples/Encryption.aspx

Good Luck,
Ben
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

python + php encrypt/decrypt 0
Help 1
Output confusion 2
GPGME gem - cannot figure out how to decrypt data 8
The value of web.config RSA encryption 3
Another Password Confirmation 2
Perl Encrypt / Ruby Decrypt 1
Length of the data to decrypt is invalid 0

Members online

Total: 27 (members: 1, guests: 26)
Robots: 650

Forum statistics

Threads
473,769
Messages
2,569,581
Members
45,056
Latest member
GlycogenSupporthealth

Latest Threads

Top