By robertdouglass on

As you (should) know, Drupal never stores your password itself, but rather creates an MD5 hash of the text. That means it is impossible for someone with database access to steal your password. When you enter your password to log in, the text is hashed again and the two hashes are compared. This is a nice feature for Drupal to have but it means that you can never recover your password. You can change it to a new one, but there is no way to find out what your current password is. Or is there?

Enter GData: An Online MD5 Hash Database

With this site, you can look in your database's user table, see the password hash, do a lookup on the GData site, and if you're (un)lucky, get the password in return. The database isn't complete, and never will be, but things like this will make it much easier to "guess" your password, escpeciall if your pw's hash is something like one of these:

98e428bb156522cdcb0d31e7cd8bcef4
d9a8e7981e7554d1edeb9f5f065122f8
8d07ba91223c20bbd8b74b1bc1b5d683

Go ahead try them.