Fou-lu 7 Posted October 26, 2015 I wonder what is the importance of using the Hash way to store passwords in the database, and the only one person (me) accesses the database. Quote Share this post Link to post Share on other sites
0 Dastgir 1246 Posted October 26, 2015 I wonder what is the importance of using the Hash way to store passwords in the database, and the only one person (me) accesses the database. It's all about security, like suppose you have occured with database hack, so you will be secure that player's password is not exposed. 1 Fou-lu reacted to this Quote Share this post Link to post Share on other sites
0 Winterfox 83 Posted October 26, 2015 @@Pedroooo It is used to change a password in a another word noone knows to save it in your database so that in case someone retrieves your database doesn't know the passwords of your users. Hashes are a one way encryption so you can't revert it to the original password. The problem is that hashing alone doesn't do that good anymore, the widely used md5 for exampl isn't that safe anymore and there exist big rainbow tables for it that hackes can run against your hashes to get the actual passwords. The recommended way is to salt the hashes. That means to add a unique random string to the password while hashing it and store that random string with the hash. Adding the salt to the hash ensures that every hash is unique even if the same password is used and rainbow tables will be useless since rainbow tables would need to have hashes that are generated with the same salt and password. Given that people are required to use decent passwords in combination with the mentioned salting it will take pretty long to even get even one password not to say all passwords there are in a stolen database. 1 Fou-lu reacted to this Quote Share this post Link to post Share on other sites
I wonder what is the importance of using the Hash way to store passwords in the database, and the only one person (me) accesses the database.
Share this post
Link to post
Share on other sites