Do you know how your passwords are stored on the internet? I thought I did until I found out that the password I set was being saved as something completely different after I hit save. While some websites are more secure and protected than others, every password protected website you use uses a similar algorithm to protect you and your privacy.
Most websites take plain text passwords (let's use 123 as an example) and use one way encryption called hashing to make them more secure. There are multiple hashing algorithms such as MD5, SHA-1, SHA-256 that take the password you put in to the server and save it to memory as a completely different, encrypted password. 123, for example, is hashed by MD5 as 202cb962ac59075b964b07152d234b70. Would you have thought of that?
Some hashing algorithms go the extra mile and add something called a "salt" to the encryption of your plain text password. This "salt" is a string of random characters that is added to some part of the password you input before it is encrypted. This makes your password super protected against hackers because it's pretty hard to determine the salts of many different passwords.
So if you have anything you need to hide, make sure that you're vigilant in finding out which of your websites keep your passwords (and your information) safe and protected. According to CloudFare, the best and easiest way to figure out if a website securely stores your password is to utilize the "lost password" option on the login page. If the website emails you your password in the same plain text that you entered, it does not use encryption or hashing and your account can very easily be hacked and viewed.
References:
@HubNestInc. "How Secure Are Your Passwords? - It Depends on How They're Stored in Databases." Secure Password Storage. N.p., n.d. Web. 04 Nov. 2016.
Gordon, Whitson. "How Your Passwords Are Stored on the Internet (and When Your Password Strength Doesn't Matter)."Lifehacker. N.p., 20 June 2012. Web. 04 Nov. 2016.
Held, Matthew. "5 Password Strategies To Keep Intruders Out." The Huffington Post. N.p., 29 Dec. 2015. Web. 28 Oct. 2016.
Jones, Adam, Alexandra Vasiliu, Stratos Sam, and Cezar Renta. "How To: Get Full-disk Encryption in Windows 10." FileCluster How Tos. N.p., 04 Dec. 2015. Web. 28 Oct. 2016.
Great article! I had no idea that websites store passwords as something different than what I entered. It really adds a whole extra level to cyber security that I had never thought of before. This reminds me of the encryption problem we did on one of our programming assignments. It's so cool that we programmed the most basic idea of encryption. Great job!
ReplyDeleteThis is super cool. I had actually never thought about how passwords are stored and how they cannot be stored directly, but it makes complete sense to ensure all of out information is safe. It is insane that they're stored as much more complicated strings of text like in the example of how 123 is hashed. Interesting article!
ReplyDeleteNice article. Reading this article definetly made me feel more secure about my passwords. Its pretty cool that passwords are stored as completely different encryptions. Are there any limits to the lengths of hashing. I wonder how many different hashes websites that are heavily used like Facebook, or gmail have.
ReplyDeleteHai Thanks sir, This blog is very very helpful. Congratulations for your great work. Apply Digital signature Certificate Online
ReplyDeleteThis is great blog. I am pretty much impressed with your good work. You put really very helpful information. Digital Signature Certificate in Delhi
ReplyDeleteHappy to see your blog as it is just what I have looking for. You are one of the well-known Class 2 Digital signature Certificate
ReplyDeleteDigital signatures have really improved the security level .To make the documents secure digital signature and encryption is the best way. And temperament is really not easy. Digital signature in Delhi
ReplyDeleteHi, Nice blog for Digital Signature. If you are looking for Digital Signature Certificate.
ReplyDelete