Welcome to Working With Rails

 

Discussion Forums

Discuss all things Ruby on Rails with perhaps the web's most vibrant group of Ruby on Rails enthusiasts.

Discussion ForumsAsk A Rails Expert

decrypting the password
4 Posts
decrypting the password
anas mohd
10:48 09-05-08
#01

Hi im mohd anas i used Digest/sha2 to make password into "hashed password". Now how can i retrieve the original password which i was typed(decryption)...........

                                      Mohd ANAS
Add message
Report
Person
anas mohd
Sign In To Rate Post
Balaji
11:02 09-05-08
#02

Hi Anas

I don't think the passwords encrypted using Digest/sha2 can be retrieved

Please refer

http://crypt.rubyforge.org/blowfish.html

http://blog.leetsoft.com/2006/03/14/simple-encryption

Add message
Report
Person
Balaji
Forum Rating: 100
Sign In To Rate Post
jbower
19:53 09-05-08
#03

It is worth noting the reason for using a one way hash like sha2. You are adding an extra layer of protection in case your database is compromised. So, short of a brute force attack, there is no way to get the original password from the hash. As the previous poster shows, you authenticate the user by computing a hash of the clear password as typed by the user and compare it with the hash in the database. You do not try to reverse the hash and compare it with the clear password.

Add message
Report
Person
jbower
Sign In To Rate Post
r99
19:26 10-05-08
#04

thank you Balaji & Clemens Kofler ... for giving detailed information

Add message
Report
Person
r99
Sign In To Rate Post
4 Posts
Login to add your message