2

Variable $var = 123456 and its respective hashed value = $2y$10$U7Xh..V1deexlMK1osMLY.FSXvLHzg5NnoxLFFFKdmv6bPpB5bElS and it will be stored in database table. How do i decrypt the hashed value?

For encryption i am using following technique Example : $var = \Hash::make($var);

Chiru Adi
  • 647
  • 4
  • 21
  • there is no way to decrypt hashed value – Md. Sahadat Hossain Jun 13 '16 at 10:14
  • 1
    You do know what a hash is don't you? You are aware that the whole point of a hash is that it isn't reversible? You're aware that it isn't encryption? What you're asking is how to get a cow back from a burger. – Mark Baker Jun 13 '16 at 10:17
  • You may want to have a look at this Q&A to increase your understanding http://stackoverflow.com/questions/4948322/fundamental-difference-between-hashing-and-encryption-algorithms – DavidT Jun 13 '16 at 10:18

2 Answers2

3

There is no way to unhash the password when you have used Hash::make, if you are searching for password resetting then you can obviously let the user change the password.

DocRattie
  • 1,392
  • 2
  • 13
  • 27
Siddharth
  • 1,649
  • 4
  • 22
  • 47
1

To add further information:

a cryptographic Hash is a one way obfuscation of data. There is no such "unhash()" function in any computer language. By passing a value through a hash it aims to make the data:

  1. Less readable
  2. Less guessable (through automated attack variants, see "Brute Force")

It can be described as a Lossy cryptographic technique. While the original value can be compared against a hash of the original value to identify if the values match, the original data is lost in the hashing.

Encryption / Decryption is the Lossless variant of cryptography. Through a number of programming techniques (hardware or software based), the data is transformed using a key. This key should either be known by one side (for storage) or by one or more partner systems (for transmission). This works similar to a key in a lock. When the key pushes all of the pins in the tumbler in the correct manner, the lock opens and so does the door/box/locked item. So too with encrypted data, if a key is shared then more than one may access the data.

More secure systems (typically involving transmission of data) require a public and private key that work in tandem. This is similar to having to turn two keys in two separate locks in order to open the door/box/item.

Unfortunately, we cannot accept liability for human error. If you write your password down physically, other humans will have the opportunity to copy it (again, like copying a key with a bar of soap or similar) and use it for their own nefarious purposes.

See:

https://security.stackexchange.com/questions/33860/how-does-hashing-work

http://www.howtogeek.com/166832/brute-force-attacks-explained-how-all-encryption-is-vulnerable/

Community
  • 1
  • 1
Justin Origin Broadband
  • 1,492
  • 1
  • 11
  • 14