By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,806 Members | 1,380 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,806 IT Pros & Developers. It's quick & easy.

how to decrypt MD5 function in mysql syntax

P: 52
i used MD5 function to encrypt password ..
Expand|Select|Wrap|Line Numbers
  1.  
  2. PreparedStatement pstmt=con.prepareStatement("insert into regist values(?,MD5(?),MD5(?),?,?,?,?,?,?,?,?,?,?,?,?)");
  3.  
  4.         pstmt.setString(1,vEmailId);
  5.         pstmt.setString(2,vPassword);
  6.         pstmt.setString(3,vConfirmPassword);
  7.  
but i want to Decrypt that password for login condition where it is not match the same password.
what to do.
Mar 12 '12 #1
Share this Question
Share on Google+
11 Replies


10K+
P: 13,264
MD5 is a hashing algorithm not an encryption one. Read here for how to use hashing algorithms and prefer SHA2 https://www.owasp.org/index.php/Hashing_Java
Mar 12 '12 #2

P: 52
but how to decrypt sha encryption
as us suggest i use sha1 but how to reverse it in plan text for login to compare that encrypted password.
Mar 12 '12 #3

10K+
P: 13,264
You don't. Hashing algorithms are not reversible.
You never need to decrypt passwords.
When a user logs in just calculate the hash again and compare the hash with what's on the database. No need to get the password from the hash.
Mar 12 '12 #4

P: 52
THEN how could i retrieve password .
becoz i am match that password during login and becoz of encryption it can't match , condition always false.
what to do to protect password other than this.
Mar 12 '12 #5

10K+
P: 13,264
It should match.
Here is how it works.

When a new user comes in with their password calculate the hash for that password and store the hash in the database against that user name (also store a salt for it).

When a user wants to log in, take their entered password and use the same algorithm to calculate it's hash and it's salt. Then check the database to see if that hash and salt is against that user in the database. There is on encryption/decryption involved here. Just calculating hashes.
Mar 12 '12 #6

P: 52
any pages to read this becoz whatever u said
i got that but i want to visualize that all whatever u explain
me. plz tell me.
Mar 12 '12 #7

P: 52
MySQL AES functions (AES_ENCRYPT() and AES_DECRYPT())

do u know this how to use this.
Mar 12 '12 #8

10K+
P: 13,264
Yes. But that is not a hashing algorithm. AES and DES are are encryption algorithms and are the ones where you encrypt/decrypt values.
MD5 and SHA are hashing algorithms and when you use those you just calculate hashes and compare the hashes. They are perfect for passwords because there is never a need to compute a user's password.
Mar 12 '12 #9

P: 52
then plz tell me how to use that.
Mar 12 '12 #10

10K+
P: 13,264
Which one? SHA2 is explained in detail in that link I posted. They even have complete Java source code showing how to use it.

AES in MySQL is explained in detail in the refmanual:http://dev.mysql.com/doc/refman/5.5/...on_aes-decrypt
Mar 12 '12 #11

Rabbit
Expert Mod 10K+
P: 12,422
You shouldn't use a reversible encryption like AES to store passwords. Use the hash, everyone uses the hash. There is absolutely no need to ever need to retrieve the original password that was used to create the hash.
Mar 12 '12 #12

Post your reply

Sign in to post your reply or Sign up for a free account.