PHP and MySQL (55 Blogs) Become a Certified Professional

How to Decrypt MD5 Password in PHP?

Last updated on Nov 25,2020 41.8K Views
How to Decrypt MD5 Password in PHP?


One of the most important parts of a website is the authentication system and it is commonplace for developers to commit mistakes leaving out vulnerabilities for others to exploit. Since PHP is a server-side scripting language, it is responsible for all the back-end functionalities required by the website. In this article, we will learn how to decrypt md5 password in PHP in the following sequence:

Let’s begin.

Why do we need MD5 in PHP? 

One basic example could be storing and using user passwords in its true form, in this situation an unauthorized person might get access to the database and the whole system is compromised. To prevent this situation password hashing is used. Password hashing can be defined as a method that takes the user password or string and encrypts it into a fixed-length password, PHP has a few functions to achieve the same like md5(), sha1(), hash(). 

What is MD5 hashing?

MD5 hashing algorithm generates a 32 characters string (hexadecimal) for any word or phrase we give in the input. We can even encrypt an entire file into an MD5 hash. The algorithm can also be used for digital signature applications, where a large file is compressed in a secure manner and then encrypted with the help of a private key.

How to use MD5 in PHP?

To calculate the MD5 hash of a string PHP has a pre-defined function md5(). The md5() function calculates the MD5 hash of a string input and returns the hash hexadecimal number. The md5() function uses the MD5 Message-Digest Algorithm.






Mandatory. It is the input string that needs to be calculated


Optional. Specifies binary or hex output format:

  • If it is set to TRUE – Raw 16 character binary format

  • If it is set to FALSE – Default. 32 character hex number

Return Type: 

md5() returns hash as a 32-character hexadecimal number.

How to Decrypt MD5 Passwords in PHP?

The MD5 cryptographic algorithm is not reversible i.e. We cannot decrypt a hash value created by the MD5 to get the input back to its original value. So there is no way to decrypt an MD5 password. But, we can use something like brute force hacking, which is extremely resource-intensive, not practical, and unethical. Thus, if someone is entering the correct password, we need to find the hash value of whatever the user entered, and see if it matches what we have in our database thus it is time and resource-intensive job to perform.

It is possible to guess what the original password is by looking in dictionaries of MD5 hashes of many known words, these dictionaries can be useful to tell a user that the password that he has chosen may be easily discovered thus we can ask the user to build a more strong password.

Examples to Decrypt MD5 Password

Example 1:

$string = " PHP with Edureka";  
echo "Your string is:".$string;  
echo "<br>";  
echo "Hex formed by md5 function is ".md5($string);  


Output - How to decrypt md5 password - Edureka

In the above example, we print the hash value of “ PHP with Edureka” generated by the md5() function.

Example 2:

$string = ' PHP with Edureka';  
if (md5($string) =='9a1359e7be2d2670780b85471675dc72'){  
    echo "PHP with Edureka is Fun";  
else {
	echo"look for the error";


Output - How to decrypt md5 password - Edureka

In the above example, we check if the hash value of variable $string is equal to 9a1359e7be2d2670780b85471675dc72 the program prints out “PHP with Edureka is Fun” else it prints “look for the error”

Example 3

$string = " PHP with Edureka";   
echo "Your string is: ".$string."<br>";   
echo "Setting raw input to TRUE getting 16 character binary: ".md5($string, TRUE)."<br>";   
echo "default raw input set to FALSE giving 32 charater hex number: ".md5($string)."<br>";   


Output - How to decrypt md5 password - Edureka

In the above example, we look at the application of the raw parameter in the md5() function. If we set it to TRUE it gives a 16 character binary output else it simply gives 32 characters hex number.

Example 4:

$password= "pass123";   

if (isset($_POST['password']) && !empty($_POST['password']))
		echo "<br> Correct password ";
		echo "<br> Incorrect password ";


<form action="md5.php" method="post">
<input type="text" name="password">
<input type="submit" >


The above code gives an output of an HTML form with a text block and a submit button if we enter the correct password it prints “Correct password” else it prints “Incorrect password”.

Output - How to decrypt md5 password - Edureka

When we type in the wrong password for example here it checks for the hash of “pass” input with the hash of “pass123” the correct password if it does not match it gives out as follows

Output - How to decrypt md5 password - Edureka

It prints out  “Incorrect password”

Output - How to decrypt md5 password - Edureka

If we type in the right password (i.e “pass123”) the hash of the input matches with the hash of the correct password and it gives the following output

Output - How to decrypt md5 password - Edureka

It prints out “Correct password”

Output - How to decrypt md5 password - Edureka

Now with this, we have come to the end of the PHP Tutorial. I hope you guys enjoyed this article and understood the concepts of decryption. So, with the end of this PHP Tutorial, you are no longer a newbie to the scripting language.

If you found this PHP Tutorial blog relevant, check out the PHP Certification Training by Edureka, a trusted online learning company with a network of more than 250,000 satisfied learners spread across the globe.

Got a question for us? Please mention it in the comments section of ”How to decrypt md5 password in PHP?” and I will get back to you.


Join the discussion

Browse Categories

webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP

Subscribe to our Newsletter, and get personalized recommendations.