Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Decrypt

Reply
Thread Tools

Decrypt

 
 
Vishal
Guest
Posts: n/a
 
      11-26-2004
Hello,

I used this article
(http://aspnet.4guysfromrolla.com/articles/103002-
1.2.aspx) to encrypt my password. Now I need to decrypt
the password again to a string. Is that possible, if so
how?

Thanks
 
Reply With Quote
 
 
 
 
Aamir Mahmood
Guest
Posts: n/a
 
      11-26-2004
why do you want to decrypt it? have you forgotten it

if you just want to check the incoming password then just encrypt that too,
and compare the two encrypted versions.

-
AM



"Vishal" <(E-Mail Removed)> wrote in message
news:081001c4d3ec$7236e7c0$(E-Mail Removed)...
> Hello,
>
> I used this article
> (http://aspnet.4guysfromrolla.com/articles/103002-
> 1.2.aspx) to encrypt my password. Now I need to decrypt
> the password again to a string. Is that possible, if so
> how?
>
> Thanks



 
Reply With Quote
 
 
 
 
=?Utf-8?B?VGFtcGEgLk5FVCBLb2Rlcg==?=
Guest
Posts: n/a
 
      11-26-2004
MD5 is a hashing algorighm. This is a one-way encrypt. You cannot decrypt
this password. Only thing you can do is use the same hashing function you
used to hash the password the first time..then compare it to the hashed
password to the one stored in the database. This article explains this in
the Limitations of Storing Encrypted Passwords in the Database section


"Vishal" wrote:

> Hello,
>
> I used this article
> (http://aspnet.4guysfromrolla.com/articles/103002-
> 1.2.aspx) to encrypt my password. Now I need to decrypt
> the password again to a string. Is that possible, if so
> how?
>
> Thanks
>

 
Reply With Quote
 
Jeff Louie
Guest
Posts: n/a
 
      11-26-2004
Vishal... I think you must have misunderstood the purpose of the MD5
algorithm. It is designed to create a "message digest". This allows you
to
verify a password without actually storing the password on the server.
As
such, it is a one way algorithm, designed to make it difficult to
compute the
original password from the message digest. For example, a crude method
would be to XOR all of the bytes in a password and store the result on
the
server creating a crude message digest.

Regards,
Jeff
>I used this article

(http://aspnet.4guysfromrolla.com/articles/103002-
1.2.aspx) to encrypt my password. Now I need to decrypt
the password again to a string. Is that possible, if so
how?<


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
Vishal
Guest
Posts: n/a
 
      11-26-2004
Thanks to all for the reply. Yes I somehow misunderstood
the MD5 algorithms. I overread that it is a one way
encryption. Can anybody tell me which encryption is used
for two-way? So that I can encrypt/decrypt the passwords?

Thanks


>-----Original Message-----
>Vishal... I think you must have misunderstood the purpose

of the MD5
>algorithm. It is designed to create a "message digest".

This allows you
>to
>verify a password without actually storing the password

on the server.
>As
>such, it is a one way algorithm, designed to make it

difficult to
>compute the
>original password from the message digest. For example, a

crude method
>would be to XOR all of the bytes in a password and store

the result on
>the
>server creating a crude message digest.
>
>Regards,
>Jeff
>>I used this article

>(http://aspnet.4guysfromrolla.com/articles/103002-
>1.2.aspx) to encrypt my password. Now I need to decrypt
>the password again to a string. Is that possible, if so
>how?<
>
>
>*** Sent via Developersdex http://www.developersdex.com

***
>Don't just participate in USENET...get rewarded for it!
>.
>

 
Reply With Quote
 
Jeff Louie
Guest
Posts: n/a
 
      11-26-2004
Vishal... RC4 and DES are examples of two way algorithms. The .NET
cryptograhpy API has two way algorithms, but it is _not_ recommended
that you store the encrypted passwords on the server. If someone
compromises the server they can decrypt them. If you only store
hashcodes on the server, it will be difficult to recreate the password
table. In fact, don't just hash the passwords, but combine the password
with a random "salt" --> hash the result and store the hash and random
salt on the server. To verify the user's credentials, take the users
input, add it to the stored random salt --> hash the result and compare
it to the stored hash.

Regards,
Jeff
>Can anybody tell me which encryption is used

for two-way? So that I can encrypt/decrypt the passwords?<

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
 
Reply With Quote
 
Ben Amada
Guest
Posts: n/a
 
      11-26-2004
Vishal,

I understand that decrypting passwords is important -- you might have a user
who lost their password and needs to be reminded what their password is --
among other scenarios where decryption is necessary. Have a look at this
example (VB.NET example starts in the middle of the page):

How To: Encrypt and Decrypt Data Using a Symmetric (Rijndael) Key
(C#/VB.NET)
http://www.obviex.com/samples/Encryption.aspx

Good Luck,
Ben

"Vishal" <(E-Mail Removed)> wrote in message
news:92ab01c4d3f6$71265690$(E-Mail Removed)...
> Thanks to all for the reply. Yes I somehow misunderstood
> the MD5 algorithms. I overread that it is a one way
> encryption. Can anybody tell me which encryption is used
> for two-way? So that I can encrypt/decrypt the passwords?
>
> Thanks



 
Reply With Quote
 
Tien
Guest
Posts: n/a
 
      11-27-2004
Hasing your password is better, you don't need to decrypt a password to validate it.

"Tampa .NET Koder" <(E-Mail Removed)> wrote in message news:<(E-Mail Removed)>...
> MD5 is a hashing algorighm. This is a one-way encrypt. You cannot decrypt
> this password. Only thing you can do is use the same hashing function you
> used to hash the password the first time..then compare it to the hashed
> password to the one stored in the database. This article explains this in
> the Limitations of Storing Encrypted Passwords in the Database section
>
>
> "Vishal" wrote:
>
> > Hello,
> >
> > I used this article
> > (http://aspnet.4guysfromrolla.com/articles/103002-
> > 1.2.aspx) to encrypt my password. Now I need to decrypt
> > the password again to a string. Is that possible, if so
> > how?
> >
> > Thanks
> >

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
decrypt challenge - perl encrypt with ruby decrypt aktxyz@gmail.com Ruby 1 06-16-2007 01:30 PM
%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed James Harris Cisco 2 02-13-2005 08:15 AM
Encrypt/Decrypt a structured file kevininstructor@state.or.us ASP .Net 1 09-25-2004 05:25 AM
Encrypt/decrypt info from form Mark ASP .Net 1 02-06-2004 09:45 PM
I need crypt and decrypt basic sample skech ASP .Net 3 12-04-2003 01:32 PM



Advertisments