Chances are that you'll need to handle people's passwords in your coding endeavors. Since it's a big no-no to store passwords as plain text in your database, how are you supposed to handle and store them? The answer is to generate a hash (a long, complex, and unique string) using the user's password and store that hash in your database. Later on, you can compare the hash and password to verify that they match. If your database gets hacked in this case, the hacker will be left with random hash strings instead of plain-text passwords they could use to easily exploit your users' accounts. The only way to find the password or message that produces a given hash is to attempt a brute-force search of possible inputs to see if they produce a match, or to use a rainbow table of matched hashes.