Hallo,

How to decrypt md5 password?

I have a password stored in mysql in md5 then would like to retrieve it and decrypt it.

How to do so?

Thanks in advance.

md5 no... php crypt() yes.

Member Avatar

diafol

Have you RTFM or http://bit.ly/1mmqGGb? The whole point of hashes (one-way) is that you can't unhash them - unless you use brute force / rainbow tables etc. md5 is not considered very secure compared to some other hashing algorithms.

Well, check this out:

user.php

//Load berita

    $result = mysql_query("SELECT * FROM user WHERE id=1") or die(mysql_error());

    if ( mysql_num_rows($result) == 1){

        $data = mysql_fetch_array($result);
        $id = $data['id'];
        $username = $data['username'];
        $email = $data['email'];
        $password = $data['password'];

    }
    else {
    echo "unable to select data ";
    echo "id is empty";
    }


?>

<div id="inputberita">
      <center>
        <h2>User</h2>
      </center>
      <p><i>Untuk saat ini biarkan satu login name saja untuk semua orang</i></p>

      <form method="post" action="<?php echo $_SERVER['PHP_SELF']?>">
            <input type="hidden" name="id" value="<?php echo $id; ?>"/>
            <table>
                <tr>Username <font color="red">*</font></tr><br>
                <tr><input type="text" size="40" id="username" name="username" value="<?php echo $username;?>"/><br><br></tr>             
                <tr>Email <font color="red">*</font></tr><br>
                <tr><input type="text" size="40" id="email" name="email" value="<?php echo $email;?>"><br><br></tr>       
                <tr>New Password</tr><br>
                <tr><input type="password" size="40" id="password" name="password" value="<?php echo $password;?>"><br><br></tr>      
                <tr>Confirm Password</tr><br>
                <tr><input type="password" size="40" id="password" name="password" value="<?php echo $password;?>"><br><br></tr>      
                <tr>             
                    <td colspan="2"><br><br><input type="submit" name="ok" value="Update"/><input type="submit" name="ok" value="Reset"/></td>
              </tr>
            </table>
        </form>

I am trying to create backend for web user. Supposing someone would like to change one's user and password. also my old password is hashed with md5 so if I show it (in form of black dots), it will be too long. There are more than 10 characters while the original password is shorter. So it looks a little bit funny. Do you get my point?

Member Avatar

diafol

Do you get my point?

No, I don't. You don't show the old password - dots or otherwise. That's the whole point. The user has to re-type the old password in order to change it to a new one. Example: a passer-by could change a pw while the user went to the toilet, effectively locking the user out of his account. Ideally a prompt fro a password should be made whenever key info e.g. address/tel number/email is changed, however, this is rarely implemented as a (poor IMO) compromise between security and convenience.

here's an example of what you may find useful:

http://www.daniweb.com/web-development/php/threads/478882/changing-pass-in-php-mysql#post2092388

It uses the new password functions - you will need PHP5.5
And if you don't use 5.5+ - think about upgrading - 5.5.0 is a year old!