RE: How companies store your passwords

in #technology, 6 years ago

Hehe yeah, it was the reason I wrote this article.
No, in hashing there is no deciphering key. A deciphering key only exists in encryption systems that work on both sides, but as explained you can only hash plain to hash. Hash to plain is not possible, therefore no deciphering exists in hashing.

The problem with Twitter was that they logged the password before they hashed it.
Like this:

User enters password as plaintext -> send to twitter server -> LOGGED PASSWORD as plain (they should not do that) -> hashed the password -> notify the user if password was correct or not.
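The flow in the comment above, as an added example that is not part of the original thread and is not Twitter's code: the same login handler run once with a plain logger and once with a redacting filter attached. The field name `password`, the logger names, the sample account and the choice of PBKDF2 are assumptions made for the illustration.

```python
import hashlib, hmac, io, logging, os

SENSITIVE = {"password"}  # assumed form field name

class RedactSecrets(logging.Filter):
    """Blank out sensitive values in dict-style log arguments."""
    def filter(self, record):
        if isinstance(record.args, dict):
            record.args = {k: ("[REDACTED]" if k in SENSITIVE else v)
                           for k, v in record.args.items()}
        return True

def make_logger(name, redact):
    """Logger that writes to an in-memory buffer so the output can be inspected."""
    buf = io.StringIO()
    log = logging.getLogger(name)
    log.handlers.clear()
    log.filters.clear()
    log.addHandler(logging.StreamHandler(buf))
    log.setLevel(logging.INFO)
    log.propagate = False
    if redact:
        log.addFilter(RedactSecrets())
    return log, buf

def hash_password(password, salt):
    # One-way: the stored value cannot be turned back into the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def login(log, form, salt, stored_hash):
    # The step the comment describes: the request is logged before hashing.
    log.info("login attempt user=%(user)s password=%(password)s", form)
    ok = hmac.compare_digest(hash_password(form["password"], salt), stored_hash)
    log.info("login result user=%s ok=%s", form["user"], ok)
    return ok

def demo():
    salt = os.urandom(16)
    stored = hash_password("correct horse", salt)  # constructed sample account
    form = {"user": "alice", "password": "correct horse"}
    out = {}
    for name, redact in (("leaky", False), ("redacted", True)):
        log, buf = make_logger("demo." + name, redact)
        out[name] = (login(log, form, salt, stored), buf.getvalue())
    return out

if __name__ == "__main__":
    for name, (ok, text) in demo().items():
        print(name, ok, text, sep="\n")
```

The filter is a safety net for log calls that pass the whole form; leaving the password out of the log call entirely is the primary fix.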

Thank you very much for the detailed explanation, now I understand exactly what happened at Twitter.
BTW that reminds me that I should change my password there ASAP :)
