How to Recover a Stored Password from HeidiSQL

This has happened to me more times than I care to admit. In fact, that’s why I’m writing this article. Recovering a stored password from HeidiSQL is relatively easy, though not necessarily an intuitive process. So here’s how to recover a password stored in HeidiSQL in six simple steps.

  1. Open HeidiSQL and select File > Export Settings to dump settings into a text file.
    Export settings in HeidiSQL
  2. Open the text file and search on the host name of the database you want to recover the password for.
  3. A couple lines below the host name is the encoded password. It’ll look something like: 755A5A585C3D8141. Keep this handy.
  4. Copy the following code into a new document.
    <!doctype html>
    <html>
    <body>
    <script>
    function heidiDecode(hex) {
        var str = '';
        var shift = parseInt(hex.substr(-1));
        hex = hex.substr(0, hex.length - 1);
        for (var i = 0; i < hex.length; i += 2) str += String.fromCharCode(parseInt(hex.substr(i, 2), 16) - shift); return str; } document.write(heidiDecode('[ENCODED_PASSWORD]')); </script>
    </body>
    </html>
    
  5. Copy and paste the encoded password from the HeidiSQL settings file into the heidiDecode function as the value to be passed as the hex argument, i.e. replace [ENCODED_PASSWORD] with your actual encoded password.
  6. Save as a HTML document and run it in a web browser.

The text that displays on the web page is the decoded password stored in HeidiSQL. Simple!

Thanks to jpatters and his GitHub Gist, which I always eventually stumble upon after spending way too much time googling for a solution. Hopefully, this expanded explanation of that gist will help someone who’s unfamiliar with exporting and reading HeidiSQL data dumps, working with JavaScript, or who needs help filling in the gaps in the gist’s directions.



7 responses to “How to Recover a Stored Password from HeidiSQL”

  1. Bikerpete says:

    Thank you, man! That made my day 🙂
    For some reason, I had to recover a lost password, that was set in the past (and not documented).

  2. Rick says:

    Thank you! Kept me from looking like a moron to my client.

  3. K-DOT says:

    This was very helpful, Thanks a lot

  4. YL says:

    Still very useful. Thanks!!

  5. Pete W says:

    Thanks, very useful!

  6. Hasan says:

    You are awesome! Thank you very much!!!

Leave a Reply

Your email address will not be published. Required fields are marked *