1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to remove encryption from passwords in phpmyadmin?

Discussion in 'Web Design' started by MetalMan390, Sep 25, 2012.

  1. MetalMan390

    MetalMan390 Regular Member

    Joined:
    Sep 26, 2009
    Messages:
    285
    Likes Received:
    18
    I have a website hosted on hostgator, and last time I had some work done to the site's login system the guy encrypted everyone's password in the phpmyadmin database. I want to know how I can remove the encryption so that I can read the passwords temporarily, and then change it back to the way it was.

    Right now, the passwords look like this in my phpmyadmin user database:

    $P$Bfux4kk4oy1KCxRbCIqnYE.Z/TzdgB1

    Thanks for any help with this.
     
  2. upl8t

    upl8t Regular Member

    Joined:
    Apr 9, 2008
    Messages:
    475
    Likes Received:
    84
    Location:
    New Scotland
    They're not reversable. The way the passwords work is that the hash(encrypted password) is stored in the db. When someone logs in they enter a password. It is hashed and the hashed version of their login password is compared against the stored version. If they match a login is allowed. These password encryptions are not made to be reversed. Otherwise if someone got their hands on a password table they could reverse all the passwords and use them... think of the issues if someone could reverse a password for banking logins.
     
  3. seopencil

    seopencil Supreme Member

    Joined:
    Aug 3, 2011
    Messages:
    1,435
    Likes Received:
    519
    Location:
    BHW
    why you wana see user password :biggthump
     
  4. pr1v4t3sn4rf

    pr1v4t3sn4rf Newbie

    Joined:
    Sep 13, 2012
    Messages:
    14
    Likes Received:
    2
    look's like an md5 hash. it's crackable but unfortunately not in a reasonable amount of time (think 10 years for 1 hash)
     
  5. cgimaster

    cgimaster Power Member

    Joined:
    Jun 30, 2012
    Messages:
    525
    Likes Received:
    311
    Gender:
    Male
    that is if that hash has not been cracked yet, you can search around the internet that are plenty search engines for cracked hashs in md5, sha1, and others.
     
  6. altrnt

    altrnt Registered Member

    Joined:
    Jun 26, 2011
    Messages:
    82
    Likes Received:
    16
    This looks like an md5 hash?
    On-topic: you probably wont be able to decrypt, but since you have access to the database why not just change it to a password of your choosing?
     
  7. cgimaster

    cgimaster Power Member

    Joined:
    Jun 30, 2012
    Messages:
    525
    Likes Received:
    311
    Gender:
    Male
    That would be logical thing to do but I will assume that is not what he is aiming at because that is pretty easy to do with phpMyAdmin, when you click to edit a entry it lets you select MD5 from a drop down.
     
  8. MetalMan390

    MetalMan390 Regular Member

    Joined:
    Sep 26, 2009
    Messages:
    285
    Likes Received:
    18
    Gotcha. Is there anyway to disable all future passwords from being encrypted then? I don't need high security for this type of site.

    How do I do that? In phpmyadmin, it shows the hashed password... if I change this to something else, I can't log in with that new password. I've tried selecting MD5 when I change the password, and also tried leaving the dropdown menu blank.
     
  9. upl8t

    upl8t Regular Member

    Joined:
    Apr 9, 2008
    Messages:
    475
    Likes Received:
    84
    Location:
    New Scotland
    In theory you can use plain text (unencrypted) passwords. You'd need to change your login and account creation scripts so that they're not hashing the password.
     
    • Thanks Thanks x 1
  10. MetalMan390

    MetalMan390 Regular Member

    Joined:
    Sep 26, 2009
    Messages:
    285
    Likes Received:
    18
    Thanks for the answer. Unfortunately I have no idea how to do that. I'll have to find someone to get that done for me.
     
  11. cgimaster

    cgimaster Power Member

    Joined:
    Jun 30, 2012
    Messages:
    525
    Likes Received:
    311
    Gender:
    Male
    On the phpmyadmin, click on the edit icon on the entry you want to change the password.

    By selecting MD5 on the drop down you can write it in plain text see attached image then press change save or whatever it is for you to save it and it will be converted into md5
     

    Attached Files:

    Last edited: Sep 25, 2012