Solved

How to decrypt using MD5Crypto

Posted on 2013-01-29
3
349 Views
Last Modified: 2013-01-30
How can I decrypt a string which uses the folowing code to encrypt a string :

public static string HashResetParams(string username, string guid)
        {
            byte[] bytesofLink = System.Text.Encoding.UTF8.GetBytes(username + guid);
            System.Security.Cryptography.MD5 md5 = new  System.Security.Cryptography.MD5CryptoServiceProvider();
            string HashParams = BitConverter.ToString(md5.ComputeHash(bytesofLink));
            return HashParams;
        }
0
Comment
Question by:brgdotnet
  • 2
3 Comments
 
LVL 19

Expert Comment

by:Rikin Shah
ID: 38833822
Hi,

You want to decrypt MD5 encrypted string which is not possible. MD5 is a non decrypt-able cryptography type.

There are some websites which runs on database for some standard passwords people use to keep (like, 123456, abc123). In that case it can be useful to you to decrypt. In case your password is not simple (like, askjdh122?) the website would not be useful.
0
 
LVL 2

Author Comment

by:brgdotnet
ID: 38833947
When a user registers to my site for the first time, I send them an email message with a unique guid. Then when they click on a link in the email message, they are redirected back to a web page which ask them to confirm their identity. The guid is stored in the query string, where I check it, against it's previously saved value in the database.

So is it senseless for me to encrypt the guid? Guids are fairly cryptic as is? Just thought I would go the extra mile to convulute the password further so no hacker could access it.

What encryption should I use, if encrypting it does make sense?
0
 
LVL 19

Accepted Solution

by:
Rikin Shah earned 200 total points
ID: 38834000
Well, you are on the right track... MD5 is your choice.

Yes Guids are... but for your extra mile you can encrypt it. And when you want to compare the Guids entered by the user while the redirection, the user entered Guid will be encrypted and compared to the encrypted one in the database.

Or you can send the encrypted Guid string right away to the user and ask the user to enter it while confirming the registration. In this case you will not have to encrypt the Guid to compare against the encrypted string in the database.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Ivo
C# And Nullable Types Since 2.0 C# has Nullable(T) Generic Structure. The idea behind is to allow value type objects to have null values just like reference types have. This concerns scenarios where not all data sources have values (like a databa…
Introduction Hi all and welcome to my first article on Experts Exchange. A while ago, someone asked me if i could do some tutorials on object oriented programming. I decided to do them on C#. Now you may ask me, why's that? Well, one of the re…
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now