avatarRuining All Your Branding

Free AI web copilot to create summaries, insights and extended knowledge, download it at here

1522

Abstract

o protect passwords stored in databases. When you create a password on a website, instead of storing your password as plain text, the system converts it into a hash using a hashing algorithm. This hash is a fixed-size string of characters that uniquely represents your password.</p><p id="e711">Key features of hashing include:</p><ul><li>Irreversibility: It’s computationally infeasible to reverse a hash back to the original password.</li><li>Uniqueness: Even a small change in the password creates a completely different hash.</li><li>Consistency: The same password will always result in the same hash with the same hashing algorithm.</li><li>Security: In the event of a data breach, attackers can’t easily retrieve user passwords from the hashed values.</li></ul><p id="bc68">However, hashing alone is not foolproof. Techniques like using a ‘salt’ (a random value added to a password before hashing) and choosing strong hashing algorithms enhance security. Salting ensures that even identical passwords will have different hashes, thwarting attempts to use pre-computed tables (like rainbow tables) for cracking hashes.</p><p id="b83a">In summary, high entropy in passwords makes them more secure against guessing or brute-force attacks. Password hashing, especially when combined with salting, further protects password data stored in databases, ensuring that even if data is compromised, the passwords are not easily recoverable.</p><figure id="1dd3"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/1*

Options

V5wybJteQM4dmbt7HWHM1g.png"><figcaption></figcaption></figure><p id="41c7">ANSWER <a href="https://www.linkedin.com/feed/update/urn:li:activity:7072606556235710465/?updateEntityUrn=urn%3Ali%3Afs_feedUpdate%3A%28V2%2Curn%3Ali%3Aactivity%3A7072606556235710465%29">here</a>.</p><figure id="e3d4"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/1*58tqu9J9HfqXFsqDUoa_Hw.png"><figcaption></figcaption></figure><p id="c332" type="7">What are you thoughts? Got any to add? Feel free to debate.</p><h1 id="1464">Citations</h1><figure id="586b"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*JeCN-K9VVjUI51zT.png"><figcaption></figcaption></figure><p id="bf3f">Like this story? Check out a <a href="/infoseconds/full-article-list-by-publication-73faed1b9d81">list of all articles</a>. Don’t forget to clap, <a href="https://infoseconds.medium.com/subscribe">subscribe</a>, or become a <a href="https://infoseconds.medium.com/membership">member</a>! If you’re feeling generous, <a href="https://account.venmo.com/u/root_">leave me a tip</a>! If you’re curious about <a href="/infoseconds/my-bibliographies-are-wrecking-my-medium-article-stats-6460dba00b70">sources</a>, on a separate page because long citations tank my stats! Be sure to also check out my other publications at <a href="http://history.internetarchaeology.io/">history.internetarchaeology.io</a>.</p><p id="f0e9"><i>The opinions and thoughts expressed on this platform reflect only the author’s views alone.</i></p></article></body>

Pop Quiz | INFOSECONDS

Do the Special Characters in SHA512 Improve Entropy?

Reblogging my greatest hits so you don’t have to.

Do the Special Characters in SHA512 Improve Entropy?

Entropy, in the context of passwords, refers to the measure of randomness or unpredictability in the password, which directly influences its security. Higher entropy means a password is less predictable and therefore harder for attackers to guess through brute-force methods (trying all possible combinations) or using common attack strategies like dictionary attacks.

Entropy Factors:

  1. Length: Longer passwords generally have higher entropy.
  2. Complexity: Using a mix of uppercase and lowercase letters, numbers, and special characters increases entropy.
  3. Unpredictability: Randomly generated passwords are more secure than predictable ones, like common phrases or sequential characters.

A high-entropy password is more resistant to attacks because it requires more attempts to guess. For instance, a password like “P@ssw0rd!” is less secure (lower entropy) than “7g!2B$vKp3X” because the latter is longer, more complex, and less predictable.

Password Hashing: Password hashing is a fundamental security practice used to protect passwords stored in databases. When you create a password on a website, instead of storing your password as plain text, the system converts it into a hash using a hashing algorithm. This hash is a fixed-size string of characters that uniquely represents your password.

Key features of hashing include:

  • Irreversibility: It’s computationally infeasible to reverse a hash back to the original password.
  • Uniqueness: Even a small change in the password creates a completely different hash.
  • Consistency: The same password will always result in the same hash with the same hashing algorithm.
  • Security: In the event of a data breach, attackers can’t easily retrieve user passwords from the hashed values.

However, hashing alone is not foolproof. Techniques like using a ‘salt’ (a random value added to a password before hashing) and choosing strong hashing algorithms enhance security. Salting ensures that even identical passwords will have different hashes, thwarting attempts to use pre-computed tables (like rainbow tables) for cracking hashes.

In summary, high entropy in passwords makes them more secure against guessing or brute-force attacks. Password hashing, especially when combined with salting, further protects password data stored in databases, ensuring that even if data is compromised, the passwords are not easily recoverable.

ANSWER here.

What are you thoughts? Got any to add? Feel free to debate.

Citations

Like this story? Check out a list of all articles. Don’t forget to clap, subscribe, or become a member! If you’re feeling generous, leave me a tip! If you’re curious about sources, on a separate page because long citations tank my stats! Be sure to also check out my other publications at history.internetarchaeology.io.

The opinions and thoughts expressed on this platform reflect only the author’s views alone.

Cybersecurity
Encryption
Security
Tech
Technology
Recommended from ReadMedium
avatarOccasional Toaster Botnet
Input Validation Failure

Captchas were born as an early form of MFA, and it seems effective use is still limited.

3 min read
avatarGiles Crouch | Digital Anthropologist
When All The Coders Are Gone.

When the coders are gone, will we miss them? The subculture? A glance 25 years into the future of almost no coders.

5 min read
avatarThe Secret Developer
The iPhone 16 Money Machine

Apple’s Sneaky Upsell Strategy

4 min read
avatarForrest Kasler
One Phish Two Phish, Red Teams Spew Phish

How to Give your Phishing Domains a Reputation Boost

15 min read
avatarAardvark Infinity
Advanced Registry Hacks for Red Team Operations Using PowerShell

In the world of cybersecurity, Red Teams play a crucial role in identifying and exploiting vulnerabilities within an organization’s…

3 min read
avatarProf Bill Buchanan OBE FRSE
A True Random Number Generator: Jitter Fluctions

The core of your security is typically explicitly linked to one thing … pseudo-random number generation. While we can integrate with a…

4 min read