How to Recover a Stored Password from HeidiSQL

This has happened to me more times than I care to admit. In fact, that’s why I’m writing this article. Recovering a stored password from HeidiSQL is relatively easy, though not necessarily an intuitive process. So here’s how to recover a password stored in HeidiSQL in six simple steps.

  1. Open HeidiSQL and select File > Export Settings to dump settings into a text file.
    Export settings in HeidiSQL
  2. Open the text file and search on the host name of the database you want to recover the password for.
  3. A couple lines below the host name is the encoded password. It’ll look something like: 755A5A585C3D8141. Keep this handy.
  4. Copy the following code into a new document.
    <!doctype html>
    <html>
    <body>
    <script>
    function heidiDecode(hex) {
        var str = '';
        var shift = parseInt(hex.substr(-1));
        hex = hex.substr(0, hex.length - 1);
        for (var i = 0; i < hex.length; i += 2) str += String.fromCharCode(parseInt(hex.substr(i, 2), 16) - shift); return str; } document.write(heidiDecode('[ENCODED_PASSWORD]')); </script>
    </body>
    </html>
    
  5. Copy and paste the encoded password from the HeidiSQL settings file into the heidiDecode function as the value to be passed as the hex argument, i.e. replace [ENCODED_PASSWORD] with your actual encoded password.
  6. Save as a HTML document and run it in a web browser.

The text that displays on the web page is the decoded password stored in HeidiSQL. Simple!

Thanks to jpatters and his GitHub Gist, which I always eventually stumble upon after spending way too much time googling for a solution. Hopefully, this expanded explanation of that gist will help someone who’s unfamiliar with exporting and reading HeidiSQL data dumps, working with JavaScript, or who needs help filling in the gaps in the gist’s directions.



25 responses to “How to Recover a Stored Password from HeidiSQL”

  1. Bikerpete says:

    Thank you, man! That made my day 🙂
    For some reason, I had to recover a lost password, that was set in the past (and not documented).

  2. Rick says:

    Thank you! Kept me from looking like a moron to my client.

  3. K-DOT says:

    This was very helpful, Thanks a lot

  4. Astar says:

    Thanks 😀

  5. YL says:

    Still very useful. Thanks!!

  6. Pete W says:

    Thanks, very useful!

  7. Hasan says:

    You are awesome! Thank you very much!!!

  8. alma says:

    Thank you Man!

  9. xixnux says:

    Thank you very much, your article was very helpful. Greetings from Colombia

  10. Eric says:

    Brilliant! Thank you much.

  11. Nick Steele says:

    You saved me an hour of my life. You are a swell chap!

  12. Wolfium says:

    Great and slick solution…

    I just forked and added browser detection to the script to be able to run it from node in command line without any browser needed.
    So it will run for node as for browser inclusion

    https://gist.github.com/Wolfium/75a2e6614ef11f92eb1627a1bdea5881#file-heididecode-js

  13. That’s awesome Wolfium!

  14. karthik says:

    Super… It worked for me.
    Thank you

  15. Sander Bouwhuis says:

    Thanks a bunch! I hate passwords.

  16. Tomek says:

    Great job! Thx

  17. Raj says:

    You are a Star! Thank You.

  18. Carla says:

    Thank you!!!!

  19. Gta says:

    Amazing,
    Thank You

  20. Fabian says:

    Omg, thank you so much 😀 I forgot to save it in my password manager, and otherwise I would have to reinstall everything. Thanksss!

  21. Irsyad says:

    Perfect!
    Thank you

  22. Nadz says:

    Top thank’s

  23. David says:

    GENIUS! You saved the day… THANK YOU!!

  24. Philipp says:

    You saved my butt. Thank you so much for this!

Leave a Reply

Your email address will not be published. Required fields are marked *