
Get original password from a hash string

In C# code, I have an app that uses the WinSCP API (it isn't important whether it is WinSCP or something else).

To open a session, I need a user and a password. Since that user/password is not entered by any external user but is taken directly from a config file such as app.config and inserted by code, I need a way to store it securely in the config file.

I've used this hash generator: http://www.danstools.com/md5-hash-generator/ to generate an MD5 hash string from my password string, and it is stored in the app.config file.

So my question is: how can I get the original password from the "hash" string?

Just in case:

If it is not the proper way to implement what I need, please show me the good way to securely store a password and when needed, get back the original password to use it in code.

Thank you.

Ok, to be blunt, your scheme is broken and you are misunderstanding hash functions completely.

Hash functions are one way. You are not supposed to be able to reverse them - in fact, there are times when two different strings will have the same hash. For example,

4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2
4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2

Both MD5 to: 008ee33a9d58b51cfeb425b0959121c9 (source)

There's just no way to "reverse" them, since that is the point of a "message digest".

Don't use some website for generating a hash of your password, this is just risky. You typed your super secure password on an unencrypted connection (http) and gave it to a third party site that may or may not store it (along with your IP). This sounds paranoid, but if you are trying to protect this password, then you are making lots of mistakes along the way. That password is no longer able to be used in my opinion.

MD5 is not an acceptable hashing algorithm for passwords. It is too fast, and if I got a hash of your password, I'd probably be able to crack it in less than a day, and probably even sooner. That would be if you were using a salt, which you probably weren't. In that case, your password would be cracked in seconds with a rainbow table. You want something like bcrypt/scrypt/pbkdf2 since they have a configurable work factor that makes them slower.

Your app.config should be a fairly secure file, and some would be comfortable storing passwords/connection strings in plaintext here. It's good that you want to protect this, but the correct way to do this is to encrypt the config file (or just the specific fields). Encrypting => reversible : hashing => non-reversible.

There are lots of questions already on how to encrypt config files, and it is out of scope of the question to describe how.

Check here (as well as the linked duplicates): Encrypting Web.Config
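The collision quoted in the answer above can be checked directly. The following is an added example, not code from the question, the answer or the WinSCP project: it decodes the two hex strings given above, confirms they are different inputs with the same MD5 digest, and reports which bytes differ. The SHA-256 comparison at the end is an extra observation showing that the two inputs are only a collision for MD5.

```python
import hashlib
from typing import List

# The two 64-byte inputs quoted in the answer above, given as hex and
# decoded to raw bytes before hashing (the hex is the transport encoding,
# not the message itself).
COLLIDING_INPUT_A = bytes.fromhex(
    "4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518"
    "afbfa200a8284bf36e8e4b55b35f427593d849676da0d1555d8360fb5f07fea2"
)
COLLIDING_INPUT_B = bytes.fromhex(
    "4dc968ff0ee35c209572d4777b721587d36fa7b21bdc56b74a3dc0783e7b9518"
    "afbfa202a8284bf36e8e4b55b35f427593d849676da0d1d55d8360fb5f07fea2"
)


def md5_hex(data: bytes) -> str:
    """MD5 digest as lowercase hex. usedforsecurity=False keeps this
    working on FIPS-restricted builds; we are only demonstrating a collision."""
    return hashlib.md5(data, usedforsecurity=False).hexdigest()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def differing_byte_offsets(a: bytes, b: bytes) -> List[int]:
    """Offsets at which two equal-length byte strings differ."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def is_md5_collision(a: bytes, b: bytes) -> bool:
    """True when two *different* inputs produce the same MD5 digest.
    This is exactly why a digest cannot be 'reversed': more than one
    input maps to it, so there is no unique original to recover."""
    return a != b and md5_hex(a) == md5_hex(b)


if __name__ == "__main__":
    print("inputs identical:      ", COLLIDING_INPUT_A == COLLIDING_INPUT_B)
    print("bytes that differ:     ", differing_byte_offsets(COLLIDING_INPUT_A, COLLIDING_INPUT_B))
    print("MD5(A):                ", md5_hex(COLLIDING_INPUT_A))
    print("MD5(B):                ", md5_hex(COLLIDING_INPUT_B))
    print("MD5 collision:         ", is_md5_collision(COLLIDING_INPUT_A, COLLIDING_INPUT_B))
    print("SHA-256 digests equal: ", sha256_hex(COLLIDING_INPUT_A) == sha256_hex(COLLIDING_INPUT_B))
```

The two messages differ in only two bytes yet share the digest the answer quotes; SHA-256 of the same two inputs differs, which is the usual argument for not relying on MD5 where collision resistance matters.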

The reason to use hashes to store passwords is that it is NOT possible to retrieve the original password. This way the password is securely stored. The way to authenticate is instead to use the same hash function (MD5 in your case) on the password, and compare the two hashes for equality and not the passwords themselves. The hash function only works in one direction, but it will reproduce the same result for the same input.

I hope this helps!
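The "hash once, then compare hashes instead of passwords" pattern described in this answer, combined with the first answer's advice to use a slow, salted algorithm such as PBKDF2 rather than MD5, looks like the following. This is an added example, not code from either answer: the storage format `pbkdf2_sha256$<iterations>$<salt>$<digest>` and the iteration count are this example's own choices. It applies to the case where a program checks a password a user types in; for the asker's situation, where the app itself must hand the real password to WinSCP, the first answer's point stands: a hash cannot be turned back into the password, so the config field has to be encrypted instead.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Work factor for PBKDF2-HMAC-SHA256. Assumption of this example: pick the
# largest value your login latency budget tolerates and raise it over time.
DEFAULT_ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str, *, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: scheme, iterations, salt and digest.
    A fresh random salt per password defeats precomputed (rainbow) tables,
    and the iteration count makes each guess expensive for an attacker."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and iteration count and
    compare digests, never passwords. compare_digest runs in constant time
    so the comparison leaks nothing about how many bytes matched."""
    try:
        scheme, iterations, salt_b64, digest_b64 = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
    except (ValueError, TypeError):
        # Malformed record: treat as a failed check rather than crashing.
        return False
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample: two records for the same password get different
    # salts, so the stored strings differ even though both verify.
    record_1 = hash_password("correct horse battery staple")
    record_2 = hash_password("correct horse battery staple")
    print(record_1)
    print(record_2)
    print("records identical:", record_1 == record_2)
    print("right password:   ", verify_password("correct horse battery staple", record_1))
    print("wrong password:   ", verify_password("Tr0ub4dor&3", record_1))
    print("garbage record:   ", verify_password("anything", "not-a-record"))
```

Storing the record and calling `verify_password` at login is the whole authentication flow; nothing in it ever needs the original password back, which is the property the answer is describing.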
