The art and science of password hashing

The recent Flipboard breach again shines a spotlight on password security and on the need for organizations to be more vigilant. Password storage is a critical area where companies must take deliberate steps so that a compromise of their database does not hand over their customers' credentials as well.


Storing passwords in plaintext is recognized as a major cybersecurity blunder. Despite this, many companies, including Facebook and Google, have committed this faux pas. When attackers gain access to a plaintext password database, they immediately have working credentials for every user account in that system. Worse, because people reuse passwords across sites, the same credentials often unlock accounts at other organizations, producing a domino effect of breaches.


Why password hashing is essential


Password hashing, where companies store the output of a one-way cryptographic function instead of the password itself, has long been touted as the answer to this problem. Hashing is a one-way transformation on a password that turns it into a fixed-size string, called the hashed password (or password hash). Unlike encoding or encryption, there is no key or procedure that turns the hash back into the password.


When a user chooses a new password, the password is passed through a chosen hash algorithm that performs a mathematical transformation on it, creating a hash value. This hash value is typically stored as text in hexadecimal (or base64) format; modern password-hashing schemes also record the salt and cost parameters alongside it so the same computation can be repeated at login.


This hash is the only thing stored for the user's password. Since the hash algorithm only works in one direction, it is computationally infeasible to recover the original password from the hash value alone (there are other ways to deduce the original password from the hash, such as hashing guesses and comparing the results, but more on that in a minute).


The general idea is that storing hashes rather than plaintext passwords significantly reduces the chance that an attacker who gains access to the database can retrieve all of the passwords in the system.
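The workflow described above, as an added example that is not part of the original article: a password is hashed once at registration, only the resulting record is stored, and at login the candidate password is hashed the same way and compared. The example goes slightly beyond the paragraph by using a salted, deliberately slow hash (PBKDF2-HMAC-SHA256 from Python's standard library, with the iteration count OWASP currently recommends) and a constant-time comparison, which is how production systems store password hashes; the record format `pbkdf2-sha256$iterations$salt$hash` and the function names are this example's own choices, not an API from the article. The `naive_sha256` helper is included only to contrast an unsalted fast hash with the salted one.

```python
import hashlib
import hmac
import os
from typing import Optional

# Example parameters (assumptions for this illustration): 16-byte random salt
# and 600,000 PBKDF2-HMAC-SHA256 iterations, the current OWASP recommendation.
ALGORITHM = "pbkdf2-sha256"
ITERATIONS = 600_000
SALT_BYTES = 16


def naive_sha256(password: str) -> str:
    """An unsalted, fast hash. Two users with the same password get the same
    hex string, so one cracked hash (or a precomputed table) exposes both."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Hash a new password and return the self-describing record that is the
    only thing stored for the user: algorithm, iterations, salt and digest,
    each hex-encoded, joined with '$'. A fresh random salt is generated unless
    one is supplied (supplying one is only useful for tests)."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-run the hash with the salt and iteration count stored in the record
    and compare digests in constant time. Malformed records are rejected
    rather than raising, so a corrupted row cannot crash the login path."""
    try:
        algorithm, iterations_text, salt_hex, digest_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        iterations = int(iterations_text)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
    except ValueError:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # hmac.compare_digest avoids leaking, via timing, how many leading bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample users; nothing here is real data.
    users = {
        "alice": hash_password("correct horse battery staple"),
        "bob": hash_password("correct horse battery staple"),
    }
    # Same password, different stored records, because each got its own salt.
    print("records differ:", users["alice"] != users["bob"])
    # The unsalted hash, by contrast, is identical for both users.
    print("naive hashes equal:",
          naive_sha256("correct horse battery staple") == naive_sha256("correct horse battery staple"))
    print("alice login ok:", verify_password("correct horse battery staple", users["alice"]))
    print("alice wrong pw:", verify_password("Correct horse battery staple", users["alice"]))
```

Only the record string is written to the database. Because the salt is random per user, identical passwords produce different records, and an attacker cannot precompute one table of hashes for all users; the high iteration count makes each guess expensive, which is the property a plain SHA-256 lacks.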


Later when the ..
