Hacking and hashes...
LIfe goes on and it is a nice weekend. I don't have much time to write right now, simply because instead of writing, I started to do some research on something I heard about yesterday in a lecture on computer security. I am, as you might know, taking part in a Google lecture that deals with IT Fundamentals and right now I am listening to classes that deals with computer security. And yes, that also deals with hacking and passwords and cryptography and with hashes.
That is why I have done some more research on the topic and I have learned about expressions such as salt that is added to passwords, making you much safer against attacks on your passwords based on password hashes.
What do I mean?
Password hashes...
I have received a few alerts that my data has been included in data breaches from time to time. When I receive such notifications, I also get to know what information has been leaked. Sometimes, actual passwords have been leaked, while other times only a password hash has been leaked, or maybe just an email address.
But, what is the hash thing all about?
Many services store your password as a hash. Instead of storing your password 123456, they will rather use a tool to encode it and store it as a different string.
As a result, a website will store your password hash 7c4a8d09ca3762af61e59520943dc26494f8941b (SHA1) instead of your password 123456.
What does this mean for you? If you use the same password, and the same encoding technology, the password hash will always be the same. In other words, to the naked eye, it might seem like the hash is totally harmless. But, there are lots of databases containing hashes of popular passwords, and by doing a quick search against those databases, you will quickly be able to discover that the mentioned hash are retrieved from the password 123456.
What do I mean? Even if you use a service only stores a hashed version of your password doesn't protect you. There are several things that can protect you more, such as adding a salt which is an additional string that will be added to your password, thus making the hash different whenever you use it.
Interesting, isn't it?
You can find more security and Internet-related articles in the IP Address Guide at https://www.ipaddressguide.org/
Reshared your post👍 Thanks for growing Crypto Culture🔥