So to save password Hash

[Fou-lu 7]

I wonder what is the importance of using the Hash way to store passwords in the database, and the only one person (me) accesses the database.

[Dastgir 1246]

I wonder what is the importance of using the Hash way to store passwords in the database, and the only one person (me) accesses the database.

It's all about security, like suppose you have occured with database hack, so you will be secure that player's password is not exposed.

[Winterfox 83]

@@Pedroooo

 

It is used to change a password in a another word noone knows to save it in your database so that in case someone retrieves your database doesn't know the passwords of your users. Hashes are a one way encryption so you can't revert it to the original password.

 

The problem is that hashing alone doesn't do that good anymore, the widely used md5 for exampl isn't that safe anymore and there exist big rainbow tables for it that hackes can run against your hashes to get the actual passwords.

 

The recommended way is to salt the hashes. That means to add a unique random string to the password while hashing it and store that random string with the hash. Adding the salt to the hash ensures that every hash is unique even if the same password is used and rainbow tables will be useless since rainbow tables would need to have hashes that are generated with the same salt and password. Given that people are required to use decent passwords in combination with the mentioned salting it will take pretty long to even get even one password not to say all passwords there are in a stolen database.