Paste an MD5 hex digest below. We compare it against the rockyou wordlist (14.3 million common passwords) and return the matching plaintext if it's a known hash.
password is 5f4dcc3b5aa765d61d8327deb882cf99
MD5 hashes are not cryptographically decrypted — they are reversed or matched using a list of candidate passwords. The candidate list is hashed and compared against the target; the matching candidate is the plaintext.
MD5 passwords are usually represented as a 32-character hexadecimal number. Modern GPU compute power and known structural weaknesses mean MD5 is no longer considered a secure password storage function.
On Linux or macOS:
echo -n password | md5sum - 5f4dcc3b5aa765d61d8327deb882cf99 -
In Python 3:
>>> import hashlib >>> hashlib.md5(b'password').hexdigest() '5f4dcc3b5aa765d61d8327deb882cf99'
On Windows via PowerShell:
PS> Get-FileHash -Algorithm MD5 test.txt
First published in 1991, MD5 is over three decades old. GPU compute can now exhaust keyspaces at billions of hashes per second. Collision attacks were discovered in 2004, and the Flame malware (2012) used an MD5 collision to forge Microsoft digital signatures.