how to get text from hashed text value by sql server 2017 ?

Question

how to get text from hashed text value by sql server 2017 ?

ahmed_elbarbary.2010

Hall of Fame

Points: 3118
More actions
May 9, 2022 at 11:09 am

#4029401

How to extract data from hashbyte text after hash or encrypted on SQL
how to extract data from hashbyte text after hash or encrypted on sql server 2017 ?
I work on sql server 2017 i have field nvarchar(max) store values hashbytes
suppose i have text as username:sayed password:321
and i hash it by using hashbyte
so after hashing by using hashbyte
i need to extract data from it
meaning i need to get data of user as
username:sayed password:321
so how to extract data from field hashed by using hashbyte sql server 2017
meaning
How to get data password:321
i hash my text as below
select HASHBYTES('SHA2_512','username:sayed password:321')
how to get text

username:sayed password:321
from hashed below
0x11AF8281C1FB70097586CDCA6A9B2CA35BCC464CCD4F57D3C1D347371EB8433015080669AE93141D8A170822BB803CC36015841ED3BA853D322201C4A25F9E8D

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply

Phil Parkin SSC Guru Points: 246686 More actions · Answer 1

Hashing is a one-way process ... you can't get back to the original value if you know only its hashed value.

If you haven't even tried to resolve your issue, please don't expect the hard-working volunteers here to waste their time providing links to answers which you could easily have found yourself.

Thom A SSC Guru Points: 99126 More actions · Answer 2

If you are trying to, perhaps compare the hashed value to the user input, what you should be doing is rehashing the value (in the application) and then comparing it to the hashed value; if the hashed values are the same, then you know that the input values were the same too.

Thom~

Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
Larnu.uk

Thom A SSC Guru Points: 99126 More actions · Answer 3

Also, an nvarchar(max) is the wrong choice of data type. HASHBYTES returns a varbinary with a length of up to 8000.

Thom~

Excuse my typos and sometimes awful grammar. My fingers work faster than my brain does.
Larnu.uk

Jeff Moden SSC Guru Points: 1003851 More actions · Answer 4

When trying to use hashed passwords, you don't unhash what you have stored. As others said, hashing is basically a one-way-trip and that's a good thing.

When the user creates their password, it MUST be hashed using one of the better logarithms for hashing to help it survive brute force attackas and "Rainbow Table" attacks. When they user wants to login again, they provide their password like they did the first time. That password gets hashed and then you compare the hashes.

Of course, I'm not including all the other stuff like a proper "salt", etc, etc. I'll remind folks that most people that try to come up with their own security have the risk of becoming unemployable in a rapid fashion. 😀

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)