BlackMamba BlackMamba - 5 days ago 5
Python Question

How to unhash the password which is hashed by generate_password_hash?

I am using

Flask
to develop a small web service, the user password is stored in mysql after using
generate_password_hash
.
just like: password = "123345", the stored value in mysql is
generate_password_hash(12345)
.

Not i want implement the function for look back my password, but i meet an issue when unhash the stored password.

just how convert
generate_password_hash(12345)
to
12345
?

Answer

From Wikipedia:

[MD5] is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash function) which is designed to also be a one-way function, that is, a function which is infeasible to invert.

Leaving aside potential vulnerabilities, there's no way to get the original data that produced the hash. And that's the idea. If some bad guy get access to your database, he won't be able to know your users' passwords.