• TwitterFacebookGoogle PlusLinkedInRSS FeedEmail

Dnn Password Decrypt

04.09.2019 
  1. Des Password Decrypt
There is no method of getting the decrypted password from the encrypted password stored in your DSN... if there was then there wouldn't be much point in encrypting it!

Des Password Decrypt

Ok, I have researched this topic some more and as a result I have completed redacted my previous response because it is completely bogus and I want to make sure that I correct my mistakes. It turns out that there isn't much point in 'encrypting' your password using ENP - see below.

Asterisk Password Decryptor is password a recovery tool that allows you to view passwords hidden behind the asterisks in password fields. It uncovers hidden passwords from password dialog boxes and Windows Internet Explorer web pages. Key Features: Instantly uncover hidden passwords on password dialog boxes. Decrypt password using machine key and password salt I am looking for a method to decrypt a user's password. I store the password in the database in encrypted form by using a machine key specified in web.config. There is also a password salt field in the database. I go over using SecureString (System.Security.SecureString) and passwords in PowerShell as well as how to decrypt passwords from Get-Credentials.

The correct answer is that it is easy to get back your plain text password from the 'encrypted password' (ENP) value. I have quoted 'encrypted password' because, even though the password value is mangled to be something that is not easily remembered, there is no key required to get the original text back. Therefore the ENP value should be treated as a way of obfuscating the password text rather than encrypting it.

Here is how you can get your original plain text from the ENP value on Windows:

  1. Create a user DSN using dbdsn that includes the ENP value (copied from your File DSN) in the connection string.
    Example: dbdsn -w foo -c uid=dba;ENP=39f2ce6e
  2. Start the ODBC Data Source Administrator tool.
    Example, on a command prompt use: start odbcad32
  3. Open (configure) the User DSN that you have created - in my example this would be 'foo'.
  4. Switch to the Login tab of the ODBC Configuration for SQL Anywhere dialog box and uncheck the Encrypt password check box.
  5. Click OK to save the User DSN
  6. Back in your command prompt use dbdsn to get the DSN connection string:
    Example: dbdsn -g foo
    The output from my example is
    foo: UID=dba;PWD=sql;INT=NO
    Note my original encrypted password '39f2ce6e' was 'sql'.
DecryptDnn Password Decrypt

So a note to all users: do not use ENP as a method to secure your passwords. Storing your password anywhere on your computer is not a good idea. This warning is given in the SQL Anywhere documentation for the ENP parameter:

Caution

When creating a data source, it isrecommended that you do not includethe encrypted password as part of thedefinition. Although both the ODBCConfiguration For SQL Anywhere windowin the Windows ODBC Data SourceAdministrator and the SQL AnywhereData Source utility (dbdsn) have thiscapability, including this informationposes a security risk.