6

I have saved user passwords in MD5 form in my database, now I want to send password to users in plaintext, is there any way I can convert an MD5 string to plaintext?

BenMorel
  • 34,448
  • 50
  • 182
  • 322
Ravinder Singh
  • 3,113
  • 6
  • 30
  • 46

4 Answers4

27

Md5 is a hashing algorithm. There is no way to retrieve the original input from the hashed result.

If you want to add a "forgotten password?" feature, you could send your user an email with a temporary link to create a new password.

Note: Sending passwords in plain text is a BAD idea :)

nulltoken
  • 64,429
  • 20
  • 138
  • 130
1

you can use this http://www.md5decrypt.org/ or this http://md5.gromweb.com/ it will decrypt your md5 code

Moustafa Maged
  • 27
  • 1
  • This will only work if the password that was hashed is a standard dictionary word or some order word which has been pre-hashed to identify what the hashed word is. If the password is a more randomly made up string with numbers are symbols (which is best practice and is being enforced on many sites now) then no current MD5 decoder available will work. The way all these MD5 decoders work is to have a database of words with their hashed values and to them search the hashed values for a match to a corresponding word. – Chris Rutherfurd Apr 10 '18 at 21:50
1

The idea of MD5 is that is a one-way hashing, so it can't be once the original value has been passed through the hashing algorithm (if at all).

You could (potentially) create a database table with a pairing of the original and the MD5 values but I guess that's highly impractical and poses a major security risk.

Ocracoke
  • 1,718
  • 3
  • 24
  • 38
0

I you send passwords to users in an email, you might as well have no passwords at all.

You cannot reverse the MD5 function, so your only option is to generate a new password and send that to the user (preferably over some secure channel).

Mathias Schwarz
  • 7,099
  • 23
  • 28