How to decrypt sha1 encrypted password in C# !

Question

1.00/5 (1 vote)

See more:

C#

How to decrypt sha1 encrypted password or string in C# !

Waiting for reply !

Posted 18-Apr-14 1:28am

Pugal Kannan

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Answer 1 · 2014-04-18T01:42:00

Solution 1

You can't.
SHA is not an encryption algorithm - it's a hashing algorithm, and there is a huge difference: encryption can be reversed if you have the decryption key, hashing cannot.

Hashing throws away information, which cannot be recovered - it does not encrypt information.

If you have hashed your data and need to recover it - you can't. That is the whole idea.

Posted 18-Apr-14 1:42am

OriginalGriff

Comments

Pugal Kannan 18-Apr-14 8:03am

I have one question.,

I need to encrypt password at client side, and i need to decrypt password at server side, give some idea for that !!!!!

OriginalGriff 18-Apr-14 8:07am

You can't use SHA for decryption, period!

Instead, hash it at the client, and compared it against the hashed version you stored at the server. You should never try to store encrypted or plain text passwords at all - it's just not secure!

OriginalGriff 18-Apr-14 8:15am

BTW: If you are trying to pass information of any kind that is secure from the client to the server, you really should be using https not http - which encrypts the traffic both ways.
http is not secure - and very easy to snoop - so event hashed or encrypted passwords are easy to snaffle and reuse, even if you don't know what the original data was!

Pugal Kannan 18-Apr-14 8:29am

I know & I agree your point ! But, the my head told like client side encryption should be dynamic ! Is it have any ways !

Pugal Kannan 18-Apr-14 8:27am

I know & I agree your point !
But, the my head told like client side encryption should be dynamic ! Is it have any ways !

OriginalGriff 18-Apr-14 8:35am

Not with SHA - you could use an encryption method, but it would be seriously insecure, as you would have to send the encryption key from the server to the client as part of the javascript.

Seriously, tell your head he's an idiot, and you should be using https for this! :laugh:

Pugal Kannan 18-Apr-14 8:47am

if i use https means no need to encrypt password ah??????

OriginalGriff 18-Apr-14 10:26am

That's right - the whole https session is encrypted.

Pugal Kannan 19-Apr-14 0:51am

Really i thank for your valuable comments !

Pugal Kannan 19-Apr-14 0:57am

I need to know another one thing., i need to encrypt in client side and decrypt in server side !
which algorithm is best !