How to get Decrypted password from Password Hash and Salt without Password passing to decrypt c#

Question

I have list of user's password (password Salt and password Hash ) saved in DB table. The password is not saved anywhere.

                var hmac = new HMACSHA512();
                var newUser = new Users
                {
                    UserName = userName.ToLower(),
                    CreatedDate = DateTime.UtcNow,
                    CreatedBy = User.Identity.Name,
                    PasswordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(pwd)),
                    PasswordSalt = hmac.Key

                };
                _dbContext.Users.Add(newUser);
                _dbContext.SaveChanges();

I need to display the password for each of the user only when needed. Say when we click on particular user with show password button by passing user ID.

Answer 1

As @Daevin said in the comment on your post, this is not possible with your current setup. Hashing is not something you can undo (if the hash is a proper cryptographic hash that is unbroken). https://www.techopedia.com/definition/14316/hashing-cybersecurity explains it well:

A good hash function for security purposes must be a unidirectional process that uses a one-way hashing algorithm. Otherwise, hackers could easily reverse engineer the hash to convert it back to the original data, defeating the purpose of the encryption in the first place.

So no, you can't display the user's password unless you store it unhashed somewhere.