-3

i am creating one admin panel for my app but the main problem is that when i am displaying password to admin in plain text then it will creates problem ?? i have stored my password in md5 format in php ? how can i able to decrypt that code in plain text in php ?

i have tried several times with every possibilities, but i haven's find any right answer yet now ?

$string ="hello"; 
$password= md5 ($string);

i expect plain text password which is reverse of encryption, that is decryption

Scott Arciszewski
  • 33,610
  • 16
  • 89
  • 206
Bhavik Shah
  • 1
  • 3
  • 5
    You can't "decrypt" a hash. MD5 is hashing, not encryption. You should be using `password_hash`, not MD5. It is insecure. – Luke Joshua Park May 23 '19 at 20:41
  • 4
    1) You should never be able to "decrypt" someone's password. 2) MD5 is a hashing function, so you need a rainbow table to turn the hash into a password. 3) MD5 is no longer suitable for storing passwords, use [`password_hash()`](https://www.php.net/manual/en/function.password-hash.php) instead – Nicholas Summers May 23 '19 at 20:41
  • Since you are new to storing passwords, I also recommend this video: https://www.youtube.com/watch?v=8ZtInClXe1Q – Nicholas Summers May 23 '19 at 20:43
  • 1
    There is no reason you ever should need a user's plain text password. – user3783243 May 23 '19 at 20:45

2 Answers2

2

In Theory no you can't. MD5 is ONE WAY hash algorithm. The original string is (lost) throught transformations. The sequrity of MD5 is compromised but you can not "decrypt or reverse" it. You can use a Rainbow Tables and try to find a match. Why you want to see User Password in clear text? The reason of hashing (encryption but without decryption key) is to protect privacy by turning personal information into “for your eyes only”, it's meens only User shoud be know the Password.

gtsonkov
  • 91
  • 1
  • 3
  • 9
1

Md5 is a hash algorithm, sometimes incorrectly referred to as “one way encryption”. There is no way to get the original string back.

Also, why would you like to show the password in plain text? That can be a serious security issue. The purpose of hashing is to make sure the user writes the same password every time without anyone else knowing what the password is.

ulvesked
  • 429
  • 3
  • 11
  • I understand the concept and referred to the term being (incorrectly) used across the web. This was in response to the original poster who referred to md5 as encryption. – ulvesked May 24 '19 at 07:51
  • Added "incorrectly" as suggested. – ulvesked May 27 '19 at 07:03