You never ever should decrypt a password. And you never need it: it is absolutely not needed for authentication.
Also, MD5 is cryptographic hash function; it does not allow "decryption" at all; more exactly, makes it infeasible. This is the whole point of such algorithms.
Surprised? Keep reading.
Think about it: does anyone (except the user who owns the password) needs to know the password, ever? All authentication needs is to make sure, that the string entered by a authenticated user is the same that this user entered in the process of password creation. From the first glance, it looks like knowing of the password, but in fact this is not true. What to do this exercise in logic?
One of the ways of solving this problem which is usually used is calculation of a
cryptographic hash function in both cases and storing the hash. If you want to say that this stored value is just the encrypted password, think again. The big difference is: the cryptographic hash cannot be decrypted at all, this is a
one-way function. So, it's
infeasible to calculate a password from hash (and, of course, it has nothing to do with system permissions: this is equally infeasible for anyone). And this is not needed: you just store hash and compare hash with hash.
Please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^].
It is important
not to use MD5 or SHA1 for security purposes: these algorithms are considered broken. Use one of the SHA-2 family:
http://en.wikipedia.org/wiki/Md5[
^],
http://en.wikipedia.org/wiki/Sha1[
^],
http://en.wikipedia.org/wiki/Sha2[
^].
Please see my past answers on this topic:
Decryption of Encrypted Password[
^],
i already encrypt my password but when i log in it gives me an error. how can decrypte it[
^],
TCP Connection with username and password[
^].
—SA