How would this be decoded?
9b3ab017822c2925dd19ad94dce68fed
4 Answers
Looks like an MD5 hash (32 character hexadecimal) which is one-way encryption. It's used a lot for passwords but can be broken (with some difficulty) though you’ll likely never know the original input that produced it (MD5 breaking involves forcing a collision of two values that produce the same hash).
Also, just in case you were wondering, the value you’ve given doesn’t decode to any type of legible string. If you’ve got ruby installed you can see for yourself:
"9b3ab017822c2925dd19ad94dce68fed".scan(/.{2}/).each { |c| puts c.hex.chr }
I also found a site that claims to do reverse lookups of MD5 strings.
And, if it was salted, you may not be able to find the “original” plaintext.
That is, if my password is “piano”, the md5 sum would be
d113f1c3f9ed8019288f4e8ddecfb8ec
However, if the password program is at all intelligent, they have salted their sums. For instance, if the salt is… well… “salt”, then the md5 sum for my password would be (“pianosalt”):
78320642b48d01334ac06bf4f19a934a
Now, let’s pretend that the word saltwatertaffey also has the md5 sum 783…934a (it doesn’t, but for the sake of argument).
So, the problem is now that if I crack the second string by some method that finds the collision saltwatertaffey, I don’t have a valid password. Only if I find a collision that ends in the word “salt” or the original plaintext (ending in the word “salt”) have I found the actual password.
A much easier way to crack the password is to figure out what the salt is—typically based on each program’s implementation, and then run a dictionary attack against the md5 table.
And, while you’re waiting, call random people and ask them what their passwords are.
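Added example, not part of any answer in this thread: the salt argument above, made concrete in Ruby. It assumes a toy digest (the first 5 hex characters of MD5) so that a second input with the same digest can actually be found in about a second; the function names and the "c0", "c1", ... candidates are constructed for illustration.

```ruby
require 'digest'

# Toy digest (assumption): first 5 hex characters (20 bits) of MD5.
# Truncated only so a matching second input is findable quickly;
# a real MD5 sum is 32 hex characters.
def toy_digest(str)
  Digest::MD5.hexdigest(str)[0, 5]
end

# What the password program stores: digest of password followed by salt.
def stored_digest(password, salt)
  toy_digest(password + salt)
end

# Login check: the program appends the salt to whatever is typed.
def login_ok?(typed, salt, stored)
  toy_digest(typed + salt) == stored
end

# Find some other string whose toy digest equals the stored value.
# Candidates are constructed counters, not real passwords.
def find_same_digest(stored)
  i = 0
  loop do
    candidate = "c#{i}"
    return candidate if toy_digest(candidate) == stored
    i += 1
  end
end

SALT   = 'salt'
STORED = stored_digest('piano', SALT)
OTHER  = find_same_digest(STORED)

if __FILE__ == $PROGRAM_NAME
  puts "stored digest:         #{STORED}"
  puts "other input:           #{OTHER} -> #{toy_digest(OTHER)}"
  puts "ends in the salt?      #{OTHER.end_with?(SALT)}"
  puts "login with 'piano':    #{login_ok?('piano', SALT, STORED)}"
  puts "login with other input: #{login_ok?(OTHER, SALT, STORED)}"
end
```

The other input matches the stored digest on its own, but the login check hashes it with the salt appended, so it is rejected while "piano" is accepted.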
I’m not being malicious or anything, somebody just posted this on a forum I’m on in their “location” field and has challenged people to figure it out. So far 2 people have.