不。MD5不是加密(尽管它可能被用作一些加密算法的一部分)，它是一个单向哈希函数。作为转换的一部分，大部分原始数据实际上“丢失”了。

Think about this: An MD5 is always 128 bits long. That means that there are 2128 possible MD5 hashes. That is a reasonably large number, and yet it is most definitely finite. And yet, there are an infinite number of possible inputs to a given hash function (and most of them contain more than 128 bits, or a measly 16 bytes). So there are actually an infinite number of possibilities for data that would hash to the same value. The thing that makes hashes interesting is that it is incredibly difficult to find two pieces of data that hash to the same value, and the chances of it happening by accident are almost 0.

A simple example for a (very insecure) hash function (and this illustrates the general idea of it being one-way) would be to take all of the bits of a piece of data, and treat it as a large number. Next, perform integer division using some large (probably prime) number n and take the remainder (see: Modulus). You will be left with some number between 0 and n. If you were to perform the same calculation again (any time, on any computer, anywhere), using the exact same string, it will come up with the same value. And yet, there is no way to find out what the original value was, since there are an infinite number of numbers that have that exact remainder, when divided by n.

That said, MD5 has been found to have some weaknesses, such that with some complex mathematics, it may be possible to find a collision without trying out 2128 possible input strings. And the fact that most passwords are short, and people often use common values (like "password" or "secret") means that in some cases, you can make a reasonably good guess at someone's password by Googling for the hash or using a Rainbow table. That is one reason why you should always "salt" hashed passwords, so that two identical values, when hashed, will not hash to the same value.

一旦一段数据通过哈希函数运行，就没有回头路了。

在寻找哈希函数的逆函数方面，没有办法“恢复”哈希函数。如前所述，这就是哈希函数的意义所在。它不应该是可逆的，它应该允许快速哈希值计算。因此，找到产生给定哈希值的输入字符串的唯一方法是尝试所有可能的组合。这就是所谓的蛮力攻击。

尝试所有可能的组合需要花费大量时间，这也是为什么使用哈希值以相对安全的方式存储密码的原因。如果攻击者能够访问您的数据库，其中包含所有用户密码，那么无论如何您都会失败。如果您有哈希值和(理想地说)强密码，那么攻击者将很难从哈希值中获取密码。

存储哈希值也没有性能问题，因为计算哈希值相对较快。因此，大多数系统所做的是计算用户输入的密码的哈希值(这很快)，然后将其与用户数据库中存储的哈希值进行比较。

MD5哈希算法是不可逆的，所以MD5解码在不可能，但一些网站有批量设置密码匹配，所以你可以尝试在线解码MD5哈希。

在网上试试:

MD5解密

md5online

md5decrypter

在这里可以看到所有其他的答案，关于它如何以及为什么不可逆，以及为什么你不想这样做。

为了完整起见，这里有彩虹表，你可以在上面查找可能的匹配。不能保证彩虹表中的答案是用户选择的原始密码，这样会使用户非常困惑。

同样，这也不适用于咸散列。许多安全专家都建议用盐腌制。

不，这是不可能的。您可以使用字典，也可以尝试散列不同的值，直到获得您正在寻找的散列。但它无法被“解密”。

It is not yet possible to put in a hash of a password into an algorithm and get the password back in plain text because hashing is a one way thing. But what people have done is to generate hashes and store it in a big table so that when you enter a particular hash, it checks the table for the password that matches the hash and returns that password to you. An example of a site that does that is http://www.md5online.org/ . Modern password storage system counters this by using a salting algorithm such that when you enter the same password into a password box during registration different hashes are generated.