How to output the password itself, not the password hash?

Question

Possible Duplicate:
How to output MD5 hashed password in plain text?

I have a little problem, below is nmy code is a '$teacherpassword' variable where it contains the user's password with salt (random characters) around it.

$teacherpassword = md5(md5("g3f".$teacherpassword."rt4"));

Now lets say the passowrd is "Cricket", then if I echo $teahcerpassword, it does not output the word "Cricket", it outputs the password hash which is "1ac30ef9e714fff0ab12b398e379f358".

I want it to output the word "Cricket". How can I get it to output the password word itself and not the password hash?

You can't, md5 is a hash function. It is designed to only go in one direction. http://en.wikipedia.org/wiki/Hash_function — Felix Kling, Aug 27 '12 at 17:10
You even called the variable $teacherPassword? Your question looks like a student trying to reverse MD5 of teacher's passwords. If that is not the case still funny. — thatidiotguy, Aug 27 '12 at 17:10
Once it is encrypted you can't get the password back, that's the whole point! — darma, Aug 27 '12 at 17:10
Hi, Ok maybe I have termed it wrong. My question is simply, how can I echo the password "Cricket", not echo "1ac30ef9e714fff0ab12b398e379f358"? — user1394925, Aug 27 '12 at 17:14

score 4 · Answer 1 · answered Aug 27 '12 at 17:10

4

The point of a hash is that it is one-way. It is different from an encryption, which is two-way.

You can not un-hash something.

http://en.wikipedia.org/wiki/MD5

answered Aug 27 '12 at 17:10

PRNDL Development Studios

3,270
2
35
50

3

Here come da rep. Gotta love these kinds of questions. – Robert Harvey Aug 27 '12 at 17:11

score 2 · Answer 2 · answered Aug 27 '12 at 17:10

That is not possible, a hash prevents that. A hashing algorithmus shorts a anyhow long input to a constant length output. it is not possible to make that backwards.

Inside a normal hashing algorithmus is the modulo operator used which reduces the information count. A information which was removed cannot be recovered. But it is possible to get the password back by using a so called rainbow table. But note that this is much more complex if a salt is used.

score 1 · Answer 3 · answered Aug 27 '12 at 17:12

1

If you want to verify if the user entered the correct password... also hash the entered value and match both hashes ;-).

answered Aug 27 '12 at 17:12

Najzero

3,164
18
18

score 1 · Answer 4 · answered Aug 27 '12 at 17:13

Hashes are used instead of encrypted passwords to make it impossible for anyone else to get at someone's password, including a system administrator. You can match the hash, but you cannot retrieve the original password from it.

That's a feature. It makes for better security, since the only person who has access to the original password is the individual who created it.

score 0 · Answer 5 · answered Aug 27 '12 at 17:11

0

Hashes are a one-way encryption. There is no way to get the password from the hash.

answered Aug 27 '12 at 17:11

Emil Vikström

90,431
16
141
175

score 0 · Answer 6 · answered Aug 27 '12 at 17:12

0

You can make a dictionary where you have some words and generated hashes, but the general notion of hashing is that it is computationally difficult to extract the original word

answered Aug 27 '12 at 17:12

MayTheSchwartzBeWithYou

1,181
1
16
32

score 0 · Answer 7 · answered Aug 27 '12 at 17:12

0

Is it impossible to output the MD5 hash. MD5 is one way only. If you want the password, you have to set a new one. Or use 'John the ripper' to crack it...

answered Aug 27 '12 at 17:12

Green Black

5,037
1
17
29

How to output the password itself, not the password hash?

7 Answers7