I am encrypting(hashing) user login passwords using HMACSHA512 using (PasswordToHash(_salt, passwordText, iterations)) and stored in database. I would like to know how to decrypt the passwords.
Asked
Active
Viewed 4,485 times
-10
-
2You can't decrypt hashes, and that's what HMACSHA512 is: **a hasher**. – Camilo Terevinto May 18 '17 at 16:07
-
2The point of a hash algorithm is that it is one-way, therefore you can't. – Martin Costello May 18 '17 at 16:07
-
1I'm voting to close this question as off-topic because you cannot decrypt one way hashes – Nkosi May 18 '17 at 16:21
1 Answers
2
You do not decrypt hashes, you recreate the hashes from user input and compare with the stored value.
Neil
- 11,059
- 3
- 31
- 56
-
every time it will create different hashes for same password.how to compare? – Suresh Sankar May 18 '17 at 16:10
-
@SureshSankar then you are doing something wrong. A hash should always return the same output for the same input. – MrZander May 18 '17 at 16:11
-
With the same password, salt, and iterations, you will get the same hash. If you generate a new salt each time you verify, then, of course, it won't work. That is why you store the salt and the hash in your database. – Neil May 18 '17 at 16:18
-
following the below link https://github.com/Thashiznets/PWDTK.NET for hashing the password. In that sample create different hashes for same password – Suresh Sankar May 18 '17 at 16:19
-
-
In that link, a new salt and hash is created every time a new password is entered (button1_Click), but the current salt&hash are used to verify (button2_click). – Neil May 18 '17 at 16:24