0

I have created a hash value for password using the below code.. I am storing the value which is returned from the below method.

public static string CreateHash(string password)
{
    // Generate a random salt
    RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider();
    byte[] salt = new byte[24];
    csprng.GetBytes(salt);
    HashAlgorithm hashAlg = new SHA256CryptoServiceProvider();
    byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(salt + ":" + password);
    // Hash the password and encode the parameters
    byte[] bytHash = hashAlg.ComputeHash(bytValue);
    return
        Convert.ToBase64String(bytHash);
}

Now i want to decode the value of the above created hash.. I need the string value of the password.. How do i do that..?

Improve this question
4
  • 1
    You can't, hashes are one-way algorithms. Commented Jul 13, 2015 at 2:04
  • 1
    Also, it's almost always a bad idea to be able to retrieve the original value of the password. Whatever you're trying to achieve can be done in a better and more secure way. Commented Jul 13, 2015 at 2:09
  • Are there any other algorithms which are 2 way so that i can implement it for my logic Commented Jul 13, 2015 at 2:15
  • Encryption and decryption, but as @Rob already said, it's not a good idea to store passwords in a way that is reversible. Passwords are stored nowadays as salted hashes so in case someone steals your password database, they will have a hard time reversing them. Commented Jul 13, 2015 at 2:24

1 Answer 1

Reset to default
4

SHA-256 is a one-way hash algorithm. You can't get the original text back from the hash, short of brute-force guessing.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

thanks..!! Are there any other algorithms which are 2 way so that i can implement it for my logic
It depends what you are trying to do. The usual use case for a hash is for password storage, in which case you would not want it to be reversible. Non-reversibility is the whole point.
I am looking for simple encrypt and decrypt functionality where passwords should be salted and stored in a cryptographic hash function
I think you're mixing up some terminology here. Hash functions are generally not reversible. Salt is really only useful for a hash function. If you want to encrypt and decrypt that's fine, but it would not use a salt. You would encrypt with a key, which you then use to decrypt later. But, this brings in another problem you need to deal with, storing and protecting those keys.
@DanLowe The IV of a encryption algorithm is the equivalent of a Salt in a hash.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.