Adding Salt to Hashing: A Better Way to Store Passwords

Показать описание

Adding salt to hashes refers to adding random data to the input of a hash function to guarantee a unique output, even when the inputs are the same. In this video Developer Advocate Will Johnson walks you through the benefits of adding Salt to your Hashes and breaks down how the process works.

Corresponding Blog Post:

Chapter Markers:
00:00 Introduction
03:08 The Vulnerabilities of Unsalted Hashes
07:24 Mitigating Password Attacks with Salt
12:17 Generating a Good Salt
17:06 Recap and Conclusions

#hashing #login #developer #authentication
-----------------------------------------------------------------------------------------------

Рекомендации по теме

Комментарии

Love how you broke this down into easy to understand terms. Great explanation!

cryptoninjapay

This was an awesome explanation. Thank you for making things easy to understand! Great job 😎

SmallvilleJW

Best explanation ever. Only thing I would add is that you can append the salt to the hash, then store that in the db. That way you don't need a separate salt column in the db.

kacy

excellent video! every programmer should be required to watch this video!

rjk

Man, this video is awesome hahaha your shadowboxing had me laughing out loud. Also holy crap your production quality and visuals are top tier. I can't imagine how long this took. Definitely the most clear and easy to understand video I've seen on hashing, you explained all the concepts in a human way, and not like a robot way lol. Instant sub! Great job

ash_tray_

Nice to get some things that I was "sort of sure that's how it is" hammered in. Great video, and great pacing.

theisegeberg

...and this is how educational content should be made

panteliskaramolegkos

good work, just wanted to watch part of the video and watched until the end

rubblvb

Informative and actually quite entertaining to watch!

stringpicker

can Auth0 provide user level resource access control overriding existing roles/permission hierarchies..just because we don't want to create too many roles&permissions

NikhilChandel-xysw

you said the salt is stored in plaintext?

JasDosanjh-mjco

Spring Security in Java Ecosystem right, its not for js I think

mihirsawant

I don't understand how a salted password with random salt can match the saved hash on database.

ricardotrejoruiz

Adding Salt to Hashing: A Better Way to Store Passwords

Adding Salt to Hashing: A Better Way to Store Passwords

Password Hashing, Salts, Peppers | Explained!

Salted Password Scheme - Applied Cryptography

Salting, peppering, and hashing passwords

Password Storage Tier List: encryption, hashing, salting, bcrypt, and beyond

How to salt and pepper passwords?

System Design: How to store passwords in the database?

What is salting and hashing? #techexplained #tech

Hashing and Digital Signatures - CompTIA Security+ SY0-701 - 1.4

How to Store Passwords - A Tutorial on Hashing and Salting

Using Hashing and Salting

Best Practices for Hashing and Salting Passwords in .NET

Understanding Password Hashing, Salt & Pepper | Complete React Course in Hindi #48

Hashing in Python: Using Hashlib Library for Secure Hashing

PHP SHA1 Salt Encryption Tutorial

HASHCAT Tutorial for Beginners || SHA,MD5,BCRYPT & salted hash ||Exercise Also ||

Protect passwords with hashing and salting

Tech Talk: How to safely store passwords using salts and hashing algorithms

What Is Hashing? | What Is Hashing With Example | Hashing Explained Simply | Simplilearn

Why Passwords are stored as Hash & not Encrypted? Why Hashing + Salting is secure than Encryptio...

Make Your Password More Secure Adding COST and SALT on Hashing Algorithm in PHP #59

What is password hashing? [Simplified]

Playing with Hashing 03: Salting and Peppering

How to convert C password hashing with salt to python for windows