Jump to content


This topic is now archived and is closed to further replies.


md5 not being decrypted(ever)

Recommended Posts

My question is not whether or not md5 can be decrypted, because I know it's the answer no.
BUt what I instead want to ask.

Based on knowing the algorith behind md5.
If you put in a word, using
whatever is in the variable will be the exact same everytime you md5 it.
Then if you use 2 vague variables like
the hash's turn out totally different, almost at random, but still, if you rehash the things again, then it comes out the same.

So it seems the algorithm isn't based on how many letter's are in the word(s), or what letter is before what alphabetically, but I don't see(using php), why someone couldn't decrypt it if they could discover how it works.
Just a thought, now a question

With md5, I have started thinking about double(triple) hashing, but it might be a waste of time.
But I was thinking, if you have a password
$password = "dave";
$password = md5($dave);
$password = md5($password);
$password = md5$password);
As you can see you hash the password dave 3 times.
I was thinking then when someone log's in to test for the hash like this
$password = "dave";
$password = md5($dave);
$password = md5($password);
$password = md5$password);
$userpassword = $_POST['password']; // This is what they entered in the form)
if (md5(md5(md5($_POST['password']))) == $password) {
// correct password
}else {
// incorrect password
won't this be the same as only doing it once, just more secure?

Share this post

Link to post
Share on other sites
Well if you are storing it in the database as a triple md5 hash then you would not need to hash it again, Just hash the POST['password'] 3 times and compare them. And yes It would be the same. Just don't know how secure it would be, unless like you said someone broke the md5 hash.

Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.