Using Google to reverse MD5 and how I almost revealed my password to the world
In this article Steven explains how he used Google to find the password for a given MD5 hash for a user that hacked into his site.
In one of the comments a reader points to this website that offers a direct database of md5 hashes. You enter a string and get its MD5, you enter an MD5 and (if it’s known) you get the original string.
The database only works on known (text, MD5) pairs. If I ask for the text of an MD5 the db hasn’t seen before, it won’t give an answer.
I use a single password to all my internet activities, because I’m lazy. So I almost went ahead and entered that password into the md5 database in order to check if the md5 is known. Then I realized how stupid this would be – it would actually add the information to the db, and actually reveal to the world my password.
Instead I privately checked what my MD5 is (using this C# code), then entered the MD5 into the DB to check if it knows the original password.
The result? No it doesn’t 🙂
