HOW ARE PASSWORDS SAVED IN A SERVER | TechWiber |
We all Sign Up, Log in or create accounts on one or the other website or app in our day-to-day life. While creating an account or signing up we put some passwords and hit sign up. When we sign up the username, password, and some other basic information (which includes email, mobile number, postal codes, etc) is sent and stored on the server.
Do you think the password you enter is saved as it is or as plain text? For example: Say "QWERTY" is your password, Do you think it is saved as "QWERTY" as it is? The answer is a big NO.
The passwords we enter are converted to hash or is hashed. For example: as above we have "QWERTY" as our password, so the hash of this is
"c3981fa8d26e95d911fe8eaeb6570f2f" 👈 this is hashing.
This type of hashing is called the MD5 hashing method. Types of hashing include MD5, SHA-1, SHA-2, SHA-3, and so on.
In our case, it is an MD5 type of hashing. MD stands for Message Digest.
It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database.
It can still be used as a checksum to verify data integrity, but only against unintentional corruption. It remains suitable for other non-cryptographic purposes, for example for determining the partition for a particular key in a partitioned database.
MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4 and was specified in 1992 as RFC 1321.
So when a hacker tries to hack into a server he gets hashed code (i.e.
"c3981fa8d26e95d911fe8eaeb6570f2f " 👈 like this) so he has to crack this code to get your password.
So how does he do that? Well, he Decrypts the hashed code or the Encrypted code to get your password.
Using weak or most commonly used passwords helps a hacker to crack your password easily using these methods. This is a basic method to crack a password, but there are many advanced methods to crack a password.
To know if your password has been pwned go to these websites and put your password to check if it has been pwned.
Have I Been Pwned? is one of the best websites to check if your password is pwned.
HAVE I BEEN PWNED | TechWiber |
To check if your password is most commonly used download the file below and search your password in the list! (by RockYou)
Most Commonly Used Passwords
To generate the hash of your password goes to MD5 Online to encrypt your password.
If you think your password is pwned try decrypting it Here if it gets decrypted then your password is pwned.
This is one of the methods to decrypt a password if it doesn't get decrypted then it does not mean that your password is safe.
Make sure you generate a strong password using some online password generators like passwordgenerator.net, lastpass.com, etc to be safe from hackers.
This is one of the methods to decrypt a password if it doesn't get decrypted then it does not mean that your password is safe.
Make sure you generate a strong password using some online password generators like passwordgenerator.net, lastpass.com, etc to be safe from hackers.
Post a Comment