How to decrypt hashed password using php?
Question
I'm currently using MD5 and SHA1 to save my users' passwords in a database but I don't know how to get them back in plain text. I tried to roll back same code I used to encrypt passwords but it gives me an error.
Code I'm using to encrypt passwords:
$hashedpassword = md5(md5(sha1(sha1(md5($normalpassword)))));
I tried to do the same thing back like this
$normalpassword = md5(md5(sha1(sha1(md5($hashedpassword)))));
Then I realized it's something funny :( !! Please help me...
4 answers
solution1
16 ACCPTED 2012-08-29 08:54:05
MD5和SHA-1是单向散列函数,这意味着您无法从散列值中获取原始字符串。
solution2
4 2012-08-29 08:55:05
You can't. Hashing is one way, you'll have to generate a new hash of the input at the login form and check if it is equal to the stored hash.
solution3
4 2012-08-29 08:56:24
Hashing ain't encrypting.
A hash function like MD5 and SHA1 can't be reversed, it only can be verifyed. That is usually the point for using a hash function, because the attacker cannot retrieve the clear passwords with the hashes (other attacks, like using rainbow-tables are ofc possible).
More details can be found here: http://en.wikipedia.org/wiki/Cryptographic_hash_function
If you want to store hashed passwords in databases, take a look at PHPass . It is a good class for php to hash and verify passwords as good as currently possible and is widely used in modern php based web applications.
solution4
2 2012-08-29 08:55:22
Why are you even encrypting them if you eventually want them back? Hashing is used precisely for the reason of being UNABLE to get passwords back in plaintext.
Use a symmetric cypher if you want them back.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.