Decrypt The Encrypt Password In Db

Hi can we decrypt the encrypted password from db?

Hi my friend

What kind of data you want to decrypt? which method you using ? MD5, SHA or anything else?

Hi roadrunner,

Well, what do you really want to do?

Usually we use some one way encryption (i.e. hashing) for password. And we won’t try to decrypt it because there’s no need to do it.

We store the hash of the password in db. And when a user has posted a password trying to login, then we will compare the stored hash and the hash created on-the-fly from the user input password.

are you trying to decrypt it for a manual check for yourself or you are implementing in your app??

if it is md5 encrypted and stored in db. you perform a check/authenticate this way:


md5($this->password))




public function authenticate()

	{

		if(!($user=User::model()->findByAttributes(array('email'=>$this->username))))

			$this->errorCode=self::ERROR_USERNAME_INVALID;

		elseif($user->password!==md5($this->password))

		$this->errorCode=self::ERROR_PASSWORD_INVALID;

		elseif($user->status==User::INACTIVE)

		$this->errorCode=self::ERROR_USER_INACTIVE;

		else

		{   

	          

            $this->errorCode=self::ERROR_NONE;

			

		}

		return !$this->errorCode;

	}

Thanks,

I use MD5 to encrypt and I want that only i can see their password, or any better idea to retrieve their password if they forgot?

Avoid two-way encryption whenever possible. Store password with one-way encryption. If user forgets her password, email her a link which allows her to set the password to a new value. Safer that way.

It’s far much safer ALSO FOR YOU when you do not have the means to get back the user’s raw password from the encrypted one. If you could get back the raw password from the encrypted one, you would be in a very bad situation for your self. You won’t be able to say “I’m not the one that stole your password” to someone who got cracked his/her password.

Anyway there are many sites to decrypt md5(especially if it’s short password) , md5 it’s not safe, so if You need your app to be safer use some other way to encrypt your password.

for your requirement you can follow this link to decrypt your password. it is decoder for your md5 hash.

there are many site does this job for you.

If having the user password really is critical, and you’re willing to take that security risk, you can use this little class to encrypt/decrypt passwords.




// Usage:

// $password = 'reallydifficultpassword';

// $encryptedStr = Encryptor::aesEncrypt($password);

// 

// $decryptedStr = Encryptor::aesEncrypt($encryptedStr);


class Encryptor {


 const KEY = 'Some.Very.Difficult.Key';


    /**

     * Ensure that this class acts like an enum and that it cannot be instantiated

     */

    private function __construct() {


    }


    /**

     * @return string - AES-decrypted $val, using either key passed in, or local key if no key given.

     * Compatible with mysql's aes_decrypt.

     * Found this at : http://us.php.net/mcrypt, and modified.

     * @param $val - string - The string to be encrypted.

     * @param $key - string - The key to use for decryption. If none specified, use the local key.

     */

    public static function aesDecrypt($val, $key=null) {

        if ($key == null)

            $key = self::KEY;

        $mode = MCRYPT_MODE_ECB;

        $enc = MCRYPT_RIJNDAEL_128;

        $dec = @mcrypt_decrypt($enc, $key, $val, $mode, @mcrypt_create_iv(@mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM));

        return rtrim($dec, ( ( ord(substr($dec, strlen($dec) - 1, 1)) >= 0 and ord(substr($dec, strlen($dec) - 1, 1)) <= 16 ) ? chr(ord(substr($dec, strlen($dec) - 1, 1))) : null));

    }


    /**

     * @return string - Reversible, AES-encrypted $val, using either key passed in, or local key if no key given.

     * Compatible with mysql's aes_encrypt.

     * @param $key - string - The key to use for decryption. If none specified, use the local key.

     * Found this at : http://us.php.net/mcrypt, and modified.

     */

    public static function aesEncrypt($val, $key=null) {

        if ($key == null)

            $key = self::KEY;

        $mode = MCRYPT_MODE_ECB;

        $enc = MCRYPT_RIJNDAEL_128;

        $val = str_pad($val, (16 * (floor(strlen($val) / 16) + (strlen($val) % 16 == 0 ? 2 : 1))), chr(16 - (strlen($val) % 16)));

        return @mcrypt_encrypt($enc, $key, $val, $mode, mcrypt_create_iv(mcrypt_get_iv_size($enc, $mode), MCRYPT_DEV_URANDOM));

    }

}



:mellow:

where to write this class…??

here you can decrypt md5 hash