-4

I have read on this great forum and several other places how difficult, if not impossible to decrypt with md5.

Unfortunately, I used md5 to hash our users' passwords:

 // hash to sanitize the input further
$password = md5($password);

Now, I am a bit of trouble because users who cannot remember their passwords, are not able to utilize our Recover password feature.

When they attempt to recover their password, they receive the encrypted password which is useless to them because they can't use it.

Given how difficulty, almost impossible it is to decrypt an md5 hash, is there a simpler encryption / decryption mechanism that someone could suggest that I try?

Pretty much in hot water now.

Cœur
  • 37,241
  • 25
  • 195
  • 267
Chidi Okeh
  • 1,537
  • 8
  • 28
  • 50
  • 4
    No, no, no! You should secure passwords with a more secure hashing algorihm (such as PHP's built-in password_hash()/password_verify() functions), that can't be reversed; and never send passwords back to users.... password recovery should be sending them a time-limited token that permits them to reset their password without entering the old value – Mark Baker Jan 26 '16 at 15:56
  • 4
    [Forgotten Password handling](http://stackoverflow.com/questions/6585649/php-forgot-password-function) – Mark Baker Jan 26 '16 at 15:57
  • 3
    You really shouldn't use [MD5 password hashes](http://security.stackexchange.com/questions/19906/is-md5-considered-insecure) and you really should use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). – Jay Blanchard Jan 26 '16 at 16:35
  • 2
    Let me just say that, a **LOT** of water's gone under the bridge in over **30 years**; that's "YEARS", 360+ months. Don't use MD5 to store passwords with. Unless you want end up in the same water, **stop what you're using** if this intended to go live on the web. – Funk Forty Niner Jan 26 '16 at 16:39

1 Answers1

4

Unfortunately, I used md5 to has our users' passwords

How is that unfortunate? That's what you're supposed to do. User passwords should be obscured behind a 1-way hash and not recoverable by anybody. Not even by you as the system owner/administrator.

users who cannot remember their passwords, are not able to utilize our Recover password feature

There should be no such thing as a "recover password feature". It's called a "reset password feature". You can change a user's password administratively. But you should never ever be able to read it.

When they attempt to recover their password, they receive the encrypted password which is useless to them because they can't use it.

But attackers can use it. Which is why you shouldn't be sending it out to anybody in the first place.

is there a simpler encryption / decryption mechanism that someone could suggest that I try?

Is doesn't get much simpler than:

md5($password)

It's one function call. Five keystrokes. It's really simple to use. And since you're already using it, you're good.

Once you stop publishing your password hashes, you'll be all set on handling user passwords (at least as far as we know here). Keep up the great work! There are tons of services out there which don't properly obscure user passwords. Thank you for at least attempting it.

Note: As users have pointed out (users who are far more familiar with PHP these days than I am), while using md5() directly is a step in the right direction, it's not the best you could be doing.

Instead, take a look at PHP's built in password handling functionality. (Or, if you're using an older, pre-5.5 version of PHP, there's a compatibility pack which maintains the same functionality.) Jay Blanchard has written a handy article on its use here.

The concept is the same, obscuring user passwords by means of a one-way hash. But the tooling has evolved considerably.

David
  • 208,112
  • 36
  • 198
  • 279
  • 6
    Well, using hashs to obscure passwords, isn't unfortunate, but using md5 instead of the password hashing api is unfortunate. :) – Charlotte Dunois Jan 26 '16 at 16:05
  • 4
    You really shouldn't use [MD5 password hashes](http://security.stackexchange.com/questions/19906/is-md5-considered-insecure) and you really should use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). – Jay Blanchard Jan 26 '16 at 16:36
  • @David, et al, first of all thank you all for your response. Second, when I said unfortunately, I used md5, I was not suggesting that I should not have. I was simply suggesting that I used a far simpler approach in terms of implementation. Because I used md5, I am finding it harder to decrypt password. If I had used another encryption method which may be a bit harder to implement but the reward of being able to decrypt using same harsh method would have been well worth the effort. That's what I was alluding to. – Chidi Okeh Jan 26 '16 at 18:00
  • Also, it is rather sad that some php programmers act like they are perfect, they didn't start out learning php like me. Each time I had posted php-related questions, they come out give me massive downgrades. It doesn't change the fact that I am learning and I am trying very hard making transition from classic asp to asp.net and now to php. – Chidi Okeh Jan 26 '16 at 18:00
  • @ChidiOkeh: `"the reward of being able to decrypt "` - That's not a reward, that's a bug. And a glaring security hole which exposes user data. – David Jan 26 '16 at 18:01
  • @David, are you suggesting that you can encrypt but cannot unencrypt or decrypt? Forgive me if I am screwing up here. At least you are providing constructive help and I do appreciate it. – Chidi Okeh Jan 26 '16 at 18:03
  • @ChidiOkeh: The entire point of using a 1-way hash for obscuring user passwords is so that they can't be decrypted. User passwords should never be recoverable. If you can recover them, so can somebody else. – David Jan 26 '16 at 18:05
  • @David, one more thing, thank you for bringing clarity. With your detailed explanation, it makes sense to use reset option and reuse the harsh. Thanks so much. – Chidi Okeh Jan 26 '16 at 18:06