How to recover password from MD5?

Question

How to recover password from MD5?

I am using md5 to encrypt a user's password in my database and I want them to get their password back when they forget by sending them an email. The problem is, I don't know how to write PHP code to restore it.

Any answer or related link would be much appreciated. Thank..

+3

php md5 forgot-password

Tepken vannkorn 06 Apr 12 at 9:01 am

source to share

5 answers

As mentioned, MD5, like all hash functions, should not be overridden. This can also be done, because many strings can be hashed into one string, and the other way around, you might end up with another string.

If you're lucky, you can find your hash in rainbowtables: http://www.md5rainbow.com/ but it may not bring you your original string, although it doesn't matter in your login, you are probably comparing hashed strings.

What you probably want to do is "reset your password" instead of sending the original password.

+6

shem 06 Apr '12 at 9:10

source to share

MD5 is a hash function, you should never try to recover a hashed password. Common practice would be to erase the hashed password and force them to set a new password from the link in the email. Passing hashed passwords and then attempting to hash them is a serious security hole.

+2

scarecrow198504 06 Apr At 9:07 am

source to share

In theory, in most cases, your user would prefer that you send them a dedicated link that resets the password there after some checks, you should not send text passwords in emails, nor should you inform the user that you have an unverified version from a password on your system.

+2

Lawrence cherone 06 Apr 12 at 9:12 am

source to share

Rainbow tables may be of some interest to you.
There is no way to recover the original password from the hash, but using rainbow tables it may be possible to find a string that will generate the same hash you want.

0

max taldykin 06 Apr 12 at 9:05 am

source to share

user166390 · Accepted Answer · 2012-04-06T09:02:46+0000

It cannot be done ¹

MD5 is a hashing function , not an encryption function. This is a one-way process and is not reversible.

¹ Actually there are many such passwords (inputs) that will result in the same MD5 value when hashed, but it is "difficult" to find only one and [generally] impossible to find the original one. This is what "cracks" the password - it finds one such input, which, when hashed, leads to a specific result. (And I will no longer help along this road.)

How to recover password from MD5?

More articles: