how to decrypt MD5 function in mysql syntax

**r035198x** · Mar 12 '12, 11:27 AM

MD5 is a hashing algorithm not an encryption one. Read here for how to use hashing algorithms and prefer SHA2 https://www.owasp.org/index.php/Hashing_Java

**vishal prada** · Mar 12 '12, 12:15 PM

but how to decrypt sha encryption
as us suggest i use sha1 but how to reverse it in plan text for login to compare that encrypted password.

**r035198x** · Mar 12 '12, 12:38 PM

You don't. Hashing algorithms are not reversible.
You never need to decrypt passwords.
When a user logs in just calculate the hash again and compare the hash with what's on the database. No need to get the password from the hash.

**vishal prada** · Mar 12 '12, 12:40 PM

THEN how could i retrieve password .
becoz i am match that password during login and becoz of encryption it can't match , condition always false.
what to do to protect password other than this.

**r035198x** · Mar 12 '12, 12:47 PM

It should match.
Here is how it works.

When a new user comes in with their password calculate the hash for that password and store the hash in the database against that user name (also store a salt for it).

When a user wants to log in, take their entered password and use the same algorithm to calculate it's hash and it's salt. Then check the database to see if that hash and salt is against that user in the database. There is on encryption/decryption involved here. Just calculating hashes.

**vishal prada** · Mar 12 '12, 12:50 PM

any pages to read this becoz whatever u said
i got that but i want to visualize that all whatever u explain
me. plz tell me.

**vishal prada** · Mar 12 '12, 12:54 PM

MySQL AES functions (AES_ENCRYPT() and AES_DECRYPT())

do u know this how to use this.

**r035198x** · Mar 12 '12, 01:02 PM

Yes. But that is not a hashing algorithm. AES and DES are are encryption algorithms and are the ones where you encrypt/decrypt values.
MD5 and SHA are hashing algorithms and when you use those you just calculate hashes and compare the hashes. They are perfect for passwords because there is never a need to compute a user's password.

**vishal prada** · Mar 12 '12, 01:03 PM

then plz tell me how to use that.

**r035198x** · Mar 12 '12, 01:09 PM

Which one? SHA2 is explained in detail in that link I posted. They even have complete Java source code showing how to use it.

AES in MySQL is explained in detail in the refmanual:http://dev.mysql.com/doc/refman/5.5/...on_aes-decrypt

**Rabbit** · Mar 12 '12, 03:44 PM

You shouldn't use a reversible encryption like AES to store passwords. Use the hash, everyone uses the hash. There is absolutely no need to ever need to retrieve the original password that was used to create the hash.

how to decrypt MD5 function in mysql syntax

how to decrypt MD5 function in mysql syntax

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment