Most common way to figure out a hashed password is to use brute force dictionary program to decrypt and figure out a hashed password. There are dedicated hardware just to crack weak hashed passwords. It all depends how the passwords has been "hashed" and what cryptographic algorithm was used, what techniques was used to hash a password and so on. Never assume a "hashed" password is always safe, not decryptable and uncrackable. Hashing Algorithms and Security - Computerphile (youtube).How NOT to Store Passwords! - Computerphile (youtube). Fundamental difference between Hashing and Encryption algorithms (stack overflow).So for a conclusion, you can "decrypt" a hashed password, but it's not easy. Then in the end the solution is still to brute-force the password(try every combination) then hash it and see if it matches the hash that's stored in the database. You can find out what password the user used, but then you need to know what hash string was used to hash it and also you need to know what hashing algorithm was used. Then simply compare those hashes and you know if the password is correct. Then how do you know what the correct password is? Well you enter the password and take that same hash string and then you will get the same hash. Then you store this password + hash in a database. Hashing works in basic terms, that you take a random string and mix that up (using a certain algorithm) with the password so that it becomes totally unreadable. You can't decrypt a hashed password, that would ruin the point of hashing.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |