how do I decode md5 passwordencode data in spring

Question

I am new in java and spring .I used Md5PasswordEncoder for password encoding.how can i decode it.

My encoding code is

    Md5PasswordEncoder md5PasswordEncoder = new Md5PasswordEncoder();
    String monthlycost = md5PasswordEncoder.encodePassword(
            empDetails.getMonthlyCost(), null); 
    String monthlyGrossSalary = md5PasswordEncoder.encodePassword(
            empDetails.getMonthlyGrossSalary(), null);

please help me for decoding it

Why would you encode it at all if your goal is to decode it at some point? — f1sh, Mar 09 '17 at 10:49

score 1 · Answer 1 · edited May 23 '17 at 10:30

The whole point of a hashing algorithm such as MD5 is that you cannot decode it. It is a one-way function not an encryption algorithm.

So ... basically ... you can't decode it.

The way that this class is supposed to be used is that you start with the user's password in the clear when you are registering it. Then you hash the password (with a salt) and store the hash in the database. Later on, when the user tries to login, he/she presents the password in the clear again. You hash it (with the same salt) and then compare the hash with the hash that you stored previously. If the hashes are the same, then the user has supplied the correct password.

In other words, this gives you to check a user's password without storing the user's actual password (in the clear or encrypted) in your database.

In your code, you are trying to use the encoder for a purpose that it wasn't designed for. It is simply not applicable. Neither is Md5.

Here's a Q&A with an example of how to do encryption and decryption in Java:

https://stackoverflow.com/a/22445878/139985

I'm sure that you can find other examples using alternative libraries if you want to search.

score 1 · Answer 2 · edited May 23 '17 at 12:26

It seems, that you are not new to Java, but to programming in general. MD5 is a hashing algorithm. A hashing algorithm is (or should be) a one-way algorithm.

Example:

If you want to create a Login system or so you can save the password as md5, when a user registrates. When he tries to login, you can create the hash value and compare it with the one you saved, when he registrated. That assumes, that you don't have the password itself in your database.

You can read more about that here.

score 0 · Answer 3 · edited Mar 09 '17 at 12:46

0

You cannot!

From Javadoc of Md5PasswordEncoder:

As MD5 is a one-way hash, the salt can contain any characters

It is one-way hash, so you cannot decode it.

edited Mar 09 '17 at 12:46

dur

15,689
25
79
125

answered Mar 09 '17 at 10:39

Jaiwo99

9,687
3
36
53

@jermiya password should not be decrypted – Jaiwo99 Mar 09 '17 at 10:42

how do I decode md5 passwordencode data in spring

3 Answers3