Why is it so easy to decrypt MD5 checksums





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







1















I have recently been plyaing aroud with a website that converts MD5 to the plain text format. Why is it so easy to decrypt it ?



Take this example



8466fa8e428bf83c4d2d9893b4bada64

7d53cbd3f0c0e2af31c3ba1eab940f22

dc647eb65e6711e155375218212b3964

27d4cf7da57f6748f79254f7be42cca3

909cea0c97058cfe2e3ea8d675cb08e1


Decrypts to "My gmail password is orange" in under 1 second.
Picture



Even with sha256 it got decrypted instantly
Picture










share|improve this question































    1















    I have recently been plyaing aroud with a website that converts MD5 to the plain text format. Why is it so easy to decrypt it ?



    Take this example



    8466fa8e428bf83c4d2d9893b4bada64

    7d53cbd3f0c0e2af31c3ba1eab940f22

    dc647eb65e6711e155375218212b3964

    27d4cf7da57f6748f79254f7be42cca3

    909cea0c97058cfe2e3ea8d675cb08e1


    Decrypts to "My gmail password is orange" in under 1 second.
    Picture



    Even with sha256 it got decrypted instantly
    Picture










    share|improve this question



























      1












      1








      1








      I have recently been plyaing aroud with a website that converts MD5 to the plain text format. Why is it so easy to decrypt it ?



      Take this example



      8466fa8e428bf83c4d2d9893b4bada64

      7d53cbd3f0c0e2af31c3ba1eab940f22

      dc647eb65e6711e155375218212b3964

      27d4cf7da57f6748f79254f7be42cca3

      909cea0c97058cfe2e3ea8d675cb08e1


      Decrypts to "My gmail password is orange" in under 1 second.
      Picture



      Even with sha256 it got decrypted instantly
      Picture










      share|improve this question
















      I have recently been plyaing aroud with a website that converts MD5 to the plain text format. Why is it so easy to decrypt it ?



      Take this example



      8466fa8e428bf83c4d2d9893b4bada64

      7d53cbd3f0c0e2af31c3ba1eab940f22

      dc647eb65e6711e155375218212b3964

      27d4cf7da57f6748f79254f7be42cca3

      909cea0c97058cfe2e3ea8d675cb08e1


      Decrypts to "My gmail password is orange" in under 1 second.
      Picture



      Even with sha256 it got decrypted instantly
      Picture







      md5






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 24 '18 at 9:39







      F.Ahmed

















      asked Nov 24 '18 at 9:19









      F.AhmedF.Ahmed

      85




      85
























          2 Answers
          2






          active

          oldest

          votes


















          3














          md5 is a one-way digest function, also known as a hash function. It is not an encryption mechanism.



          md5 is known to have several weaknesses, and common advice has been to avoid using it for over a decade now.



          On this particular site, you are likely seeing an example of rainbow tables being used to find collisions, or perhaps even the original inputs. Rainbow tables work by precomputing very large amounts of likely inputs (such as known passwords, the entire dictionary for multiple languages, common word combinations, etc). Such tables can be efficiently searched for a given hash to find an input that produces said hash.



          Note that in some cases, you may receive a different result from the rainbow table from what you used as the input. In this case, it is also an example of a collision.



          It is possible to protect against rainbow attacks using salting, which adds random data to each input, such that a precomputed rainbow table is unlikely to have your exact input in it.



          Although md5 is considered broken, it is not broken to the extent that you can perform a direct "decryption" given a hash - most attacks attempt to produce collisions as opposed to finding preimages.



          For any security sensitive applications, you should consider using modern hash functions such as sha256. For password hashing, consider using hash functions specifically designed for password hashing, such as bcrypt.






          share|improve this answer


























          • Even with sha256 it got decrypyed in under 1 second

            – F.Ahmed
            Nov 24 '18 at 9:36






          • 1





            Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

            – Raghav Sood
            Nov 24 '18 at 9:40



















          3














          Because md5 is not an encryption mechanism, it is a very old one-way hash algorithm. What you are finding are collisions, and they are highly unlikely to be the original input. They have produced a possible match. Consider



          $ echo "My Gmail Password Is Orange" | md5sum
          97ec87f89796b683feae88008c302d22 -
          $ echo -n "My Gmail Password Is Orange" | md5sum
          52b4551c065189631be8b506eee9b62e -


          The only difference between those two String(s) is the newline. It's true that md5 is broken. But it's not reversible, unless you consider very short words and a dictionary.






          share|improve this answer


























          • Frisch It is the original inout

            – F.Ahmed
            Nov 24 '18 at 9:21











          • @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

            – Elliott Frisch
            Nov 24 '18 at 9:25








          • 1





            Frisch it comes to floccinaucinihilipilification

            – F.Ahmed
            Nov 24 '18 at 9:29











          • @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

            – Elliott Frisch
            Nov 24 '18 at 9:30













          • It's a big rainbow table. SALT your passwords folks!

            – Elliott Frisch
            Nov 24 '18 at 9:31












          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53456790%2fwhy-is-it-so-easy-to-decrypt-md5-checksums%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          2 Answers
          2






          active

          oldest

          votes








          2 Answers
          2






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          3














          md5 is a one-way digest function, also known as a hash function. It is not an encryption mechanism.



          md5 is known to have several weaknesses, and common advice has been to avoid using it for over a decade now.



          On this particular site, you are likely seeing an example of rainbow tables being used to find collisions, or perhaps even the original inputs. Rainbow tables work by precomputing very large amounts of likely inputs (such as known passwords, the entire dictionary for multiple languages, common word combinations, etc). Such tables can be efficiently searched for a given hash to find an input that produces said hash.



          Note that in some cases, you may receive a different result from the rainbow table from what you used as the input. In this case, it is also an example of a collision.



          It is possible to protect against rainbow attacks using salting, which adds random data to each input, such that a precomputed rainbow table is unlikely to have your exact input in it.



          Although md5 is considered broken, it is not broken to the extent that you can perform a direct "decryption" given a hash - most attacks attempt to produce collisions as opposed to finding preimages.



          For any security sensitive applications, you should consider using modern hash functions such as sha256. For password hashing, consider using hash functions specifically designed for password hashing, such as bcrypt.






          share|improve this answer


























          • Even with sha256 it got decrypyed in under 1 second

            – F.Ahmed
            Nov 24 '18 at 9:36






          • 1





            Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

            – Raghav Sood
            Nov 24 '18 at 9:40
















          3














          md5 is a one-way digest function, also known as a hash function. It is not an encryption mechanism.



          md5 is known to have several weaknesses, and common advice has been to avoid using it for over a decade now.



          On this particular site, you are likely seeing an example of rainbow tables being used to find collisions, or perhaps even the original inputs. Rainbow tables work by precomputing very large amounts of likely inputs (such as known passwords, the entire dictionary for multiple languages, common word combinations, etc). Such tables can be efficiently searched for a given hash to find an input that produces said hash.



          Note that in some cases, you may receive a different result from the rainbow table from what you used as the input. In this case, it is also an example of a collision.



          It is possible to protect against rainbow attacks using salting, which adds random data to each input, such that a precomputed rainbow table is unlikely to have your exact input in it.



          Although md5 is considered broken, it is not broken to the extent that you can perform a direct "decryption" given a hash - most attacks attempt to produce collisions as opposed to finding preimages.



          For any security sensitive applications, you should consider using modern hash functions such as sha256. For password hashing, consider using hash functions specifically designed for password hashing, such as bcrypt.






          share|improve this answer


























          • Even with sha256 it got decrypyed in under 1 second

            – F.Ahmed
            Nov 24 '18 at 9:36






          • 1





            Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

            – Raghav Sood
            Nov 24 '18 at 9:40














          3












          3








          3







          md5 is a one-way digest function, also known as a hash function. It is not an encryption mechanism.



          md5 is known to have several weaknesses, and common advice has been to avoid using it for over a decade now.



          On this particular site, you are likely seeing an example of rainbow tables being used to find collisions, or perhaps even the original inputs. Rainbow tables work by precomputing very large amounts of likely inputs (such as known passwords, the entire dictionary for multiple languages, common word combinations, etc). Such tables can be efficiently searched for a given hash to find an input that produces said hash.



          Note that in some cases, you may receive a different result from the rainbow table from what you used as the input. In this case, it is also an example of a collision.



          It is possible to protect against rainbow attacks using salting, which adds random data to each input, such that a precomputed rainbow table is unlikely to have your exact input in it.



          Although md5 is considered broken, it is not broken to the extent that you can perform a direct "decryption" given a hash - most attacks attempt to produce collisions as opposed to finding preimages.



          For any security sensitive applications, you should consider using modern hash functions such as sha256. For password hashing, consider using hash functions specifically designed for password hashing, such as bcrypt.






          share|improve this answer















          md5 is a one-way digest function, also known as a hash function. It is not an encryption mechanism.



          md5 is known to have several weaknesses, and common advice has been to avoid using it for over a decade now.



          On this particular site, you are likely seeing an example of rainbow tables being used to find collisions, or perhaps even the original inputs. Rainbow tables work by precomputing very large amounts of likely inputs (such as known passwords, the entire dictionary for multiple languages, common word combinations, etc). Such tables can be efficiently searched for a given hash to find an input that produces said hash.



          Note that in some cases, you may receive a different result from the rainbow table from what you used as the input. In this case, it is also an example of a collision.



          It is possible to protect against rainbow attacks using salting, which adds random data to each input, such that a precomputed rainbow table is unlikely to have your exact input in it.



          Although md5 is considered broken, it is not broken to the extent that you can perform a direct "decryption" given a hash - most attacks attempt to produce collisions as opposed to finding preimages.



          For any security sensitive applications, you should consider using modern hash functions such as sha256. For password hashing, consider using hash functions specifically designed for password hashing, such as bcrypt.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 24 '18 at 9:30









          tilz0R

          5,71211233




          5,71211233










          answered Nov 24 '18 at 9:25









          Raghav SoodRaghav Sood

          72.7k19162175




          72.7k19162175













          • Even with sha256 it got decrypyed in under 1 second

            – F.Ahmed
            Nov 24 '18 at 9:36






          • 1





            Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

            – Raghav Sood
            Nov 24 '18 at 9:40



















          • Even with sha256 it got decrypyed in under 1 second

            – F.Ahmed
            Nov 24 '18 at 9:36






          • 1





            Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

            – Raghav Sood
            Nov 24 '18 at 9:40

















          Even with sha256 it got decrypyed in under 1 second

          – F.Ahmed
          Nov 24 '18 at 9:36





          Even with sha256 it got decrypyed in under 1 second

          – F.Ahmed
          Nov 24 '18 at 9:36




          1




          1





          Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

          – Raghav Sood
          Nov 24 '18 at 9:40





          Again, it is very likely using a rainbow table attack. Any hash function will be vulnerable to a rainbow table by definition, as long as the table contains the input. If you try md5 or sha256 with some random data, r8p,j9fwjp9fjewp9,qhzh.wphg9whreegc9,wgrp.9e8rxphrew9,xujvsmudsh9mo84ahpch9,vpjr9x.hgp9re.x for example, it will not be able to provide the input.

          – Raghav Sood
          Nov 24 '18 at 9:40













          3














          Because md5 is not an encryption mechanism, it is a very old one-way hash algorithm. What you are finding are collisions, and they are highly unlikely to be the original input. They have produced a possible match. Consider



          $ echo "My Gmail Password Is Orange" | md5sum
          97ec87f89796b683feae88008c302d22 -
          $ echo -n "My Gmail Password Is Orange" | md5sum
          52b4551c065189631be8b506eee9b62e -


          The only difference between those two String(s) is the newline. It's true that md5 is broken. But it's not reversible, unless you consider very short words and a dictionary.






          share|improve this answer


























          • Frisch It is the original inout

            – F.Ahmed
            Nov 24 '18 at 9:21











          • @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

            – Elliott Frisch
            Nov 24 '18 at 9:25








          • 1





            Frisch it comes to floccinaucinihilipilification

            – F.Ahmed
            Nov 24 '18 at 9:29











          • @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

            – Elliott Frisch
            Nov 24 '18 at 9:30













          • It's a big rainbow table. SALT your passwords folks!

            – Elliott Frisch
            Nov 24 '18 at 9:31
















          3














          Because md5 is not an encryption mechanism, it is a very old one-way hash algorithm. What you are finding are collisions, and they are highly unlikely to be the original input. They have produced a possible match. Consider



          $ echo "My Gmail Password Is Orange" | md5sum
          97ec87f89796b683feae88008c302d22 -
          $ echo -n "My Gmail Password Is Orange" | md5sum
          52b4551c065189631be8b506eee9b62e -


          The only difference between those two String(s) is the newline. It's true that md5 is broken. But it's not reversible, unless you consider very short words and a dictionary.






          share|improve this answer


























          • Frisch It is the original inout

            – F.Ahmed
            Nov 24 '18 at 9:21











          • @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

            – Elliott Frisch
            Nov 24 '18 at 9:25








          • 1





            Frisch it comes to floccinaucinihilipilification

            – F.Ahmed
            Nov 24 '18 at 9:29











          • @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

            – Elliott Frisch
            Nov 24 '18 at 9:30













          • It's a big rainbow table. SALT your passwords folks!

            – Elliott Frisch
            Nov 24 '18 at 9:31














          3












          3








          3







          Because md5 is not an encryption mechanism, it is a very old one-way hash algorithm. What you are finding are collisions, and they are highly unlikely to be the original input. They have produced a possible match. Consider



          $ echo "My Gmail Password Is Orange" | md5sum
          97ec87f89796b683feae88008c302d22 -
          $ echo -n "My Gmail Password Is Orange" | md5sum
          52b4551c065189631be8b506eee9b62e -


          The only difference between those two String(s) is the newline. It's true that md5 is broken. But it's not reversible, unless you consider very short words and a dictionary.






          share|improve this answer















          Because md5 is not an encryption mechanism, it is a very old one-way hash algorithm. What you are finding are collisions, and they are highly unlikely to be the original input. They have produced a possible match. Consider



          $ echo "My Gmail Password Is Orange" | md5sum
          97ec87f89796b683feae88008c302d22 -
          $ echo -n "My Gmail Password Is Orange" | md5sum
          52b4551c065189631be8b506eee9b62e -


          The only difference between those two String(s) is the newline. It's true that md5 is broken. But it's not reversible, unless you consider very short words and a dictionary.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 24 '18 at 9:22

























          answered Nov 24 '18 at 9:20









          Elliott FrischElliott Frisch

          156k1397192




          156k1397192













          • Frisch It is the original inout

            – F.Ahmed
            Nov 24 '18 at 9:21











          • @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

            – Elliott Frisch
            Nov 24 '18 at 9:25








          • 1





            Frisch it comes to floccinaucinihilipilification

            – F.Ahmed
            Nov 24 '18 at 9:29











          • @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

            – Elliott Frisch
            Nov 24 '18 at 9:30













          • It's a big rainbow table. SALT your passwords folks!

            – Elliott Frisch
            Nov 24 '18 at 9:31



















          • Frisch It is the original inout

            – F.Ahmed
            Nov 24 '18 at 9:21











          • @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

            – Elliott Frisch
            Nov 24 '18 at 9:25








          • 1





            Frisch it comes to floccinaucinihilipilification

            – F.Ahmed
            Nov 24 '18 at 9:29











          • @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

            – Elliott Frisch
            Nov 24 '18 at 9:30













          • It's a big rainbow table. SALT your passwords folks!

            – Elliott Frisch
            Nov 24 '18 at 9:31

















          Frisch It is the original inout

          – F.Ahmed
          Nov 24 '18 at 9:21





          Frisch It is the original inout

          – F.Ahmed
          Nov 24 '18 at 9:21













          @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

          – Elliott Frisch
          Nov 24 '18 at 9:25







          @F.Ahmed For trivial sample words. What does it give you for 8a2c1ee4c9faf18992a59cedd9023349? BTW, if that comes back fast, it's still only an example of a rainbow table at work. That was "floccinaucinihilipilification", now try 8a2c1ee4c9faf18992a59cedd9023350.

          – Elliott Frisch
          Nov 24 '18 at 9:25






          1




          1





          Frisch it comes to floccinaucinihilipilification

          – F.Ahmed
          Nov 24 '18 at 9:29





          Frisch it comes to floccinaucinihilipilification

          – F.Ahmed
          Nov 24 '18 at 9:29













          @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

          – Elliott Frisch
          Nov 24 '18 at 9:30







          @F.Ahmed How it works ? MD5 means a 128-bit encryption algorithm, generating a 32-character hexadecimal hash, whatever the captcha. This algorithm is not reversible, ie it is normally impossible to find the original word from the md5 hash. Our tool uses a huge database in order to have the best chance possible to trace the captcha. Just enter an MD5 hash in the form above to try to decrypt! Words in the database : 1,154,869,433,999 From here.

          – Elliott Frisch
          Nov 24 '18 at 9:30















          It's a big rainbow table. SALT your passwords folks!

          – Elliott Frisch
          Nov 24 '18 at 9:31





          It's a big rainbow table. SALT your passwords folks!

          – Elliott Frisch
          Nov 24 '18 at 9:31


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53456790%2fwhy-is-it-so-easy-to-decrypt-md5-checksums%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          這個網誌中的熱門文章

          Xamarin.form Move up view when keyboard appear

          Post-Redirect-Get with Spring WebFlux and Thymeleaf

          Anylogic : not able to use stopDelay()