0

Is there a way to decrypt a hashed password back to plain text?

Take this scenario. You create a tool that allows user to store their passwords into some website's database. If you encrypt it before saving to database, even the admin can't see the plain text password. Most encrypt tools can only check hashed password against plain text for authentication. The question is this...how do you decrypt the encrypted password and show it to the user in plain text whenever they want to access the password?

27th Feb 2021, 1:02 PM
Tomiwa Joseph
Tomiwa Joseph - avatar
8 odpowiedzi
0
What I know is this...you can't decrypt a hashed password 🤷 Therefore: are the passwords we save on Google passwords manager not hashed (plain text) and at the same time secure?🤷🤦
27th Feb 2021, 1:07 PM
Tomiwa Joseph
Tomiwa Joseph - avatar
0
w/ a rainbow table. It stores a table of hashed password values and the plain text password.
27th Feb 2021, 1:23 PM
Slick
Slick - avatar
0
hash is a one way encryption method: it means that decryption is not possible as stated by Tomiwa Joseph the only way to provide a way to retrieve plain text password is to store plain text along with hash, as stated by Slick, but this would break (or at least decrease) password security ^^
27th Feb 2021, 3:42 PM
visph
visph - avatar
0
visph right it would. Usually the table has thousands of passwords with their hash values. You would take a hash value you get, then compare with values in the rainbow table. If or when you find the matching hash value, the cooresponding plain text password can be used. Usually only for weaker passwords
27th Feb 2021, 3:54 PM
Slick
Slick - avatar
0
Slim Jxmmi did I say the converse? however, technically by retrieving plain text password from a table, you doesn't "decrypt" the hashed password, you're only link a hash to a plain text ;)
27th Feb 2021, 3:58 PM
visph
visph - avatar
0
right, thats assuming its a weaker password, or the passwords hash value is stored in the table. Just like how most simple password attacks are just dictionary attacks. You arent decrypting anything, just trying out all the options you got
27th Feb 2021, 4:01 PM
Slick
Slick - avatar
0
yes, but OP question ask for way to DECRYPT not to RETRIEVE ;P
27th Feb 2021, 4:03 PM
visph
visph - avatar
0
well stating its not possible, i gave the next best alternative ;D :)}>
27th Feb 2021, 4:05 PM
Slick
Slick - avatar