How to decrypt an encrypted password in Mendix app set to bcrypt?

0
hello I have defaulted to hash algorithm bcrypt in my mendix app. If I open the database in pro and check it, I can see the encrypted password.   However, I want to decrypt this encrypted password so that I can see the original input value(Decoded original value). Is there any way to do this? (Mendix versions are 9.24.0 and 10.2.0)  
asked
2 answers
0

You cannot do this because:

 

Passwords are hashed, not encrypted. Hashing is one way only, you cannot reverse it.

answered
0

Hi,

 

MD5 is known to have collisions (2 different strings can produce the same hash). There are two ways to match the pasword that leads to a certain hash.

 

One is to perform a brute force attack (You randomly gererate passwords that hashes to  a known value). There are tools available to do so, also online: https://10015.io/tools/md5-encrypt-decrypt

 

The second method is to look up the password using a rainbow table. In this table you have hashed values and their corresponding password.

 

This is, if the system doesn't use a salted hash. In that case a unique string (constante) is added to the password and than hashed. This makes rainbow tables useless and you need to brute force against the login page not matching a string in the database. 

 

Go Make It

 

answered