Edit: Thank you everyone who’s taken out time to explain it to me. I’ve learnt so much. Appreciate it.
Yes, I do use ‘thrice’ in my conversation whenever required. I’m glad it amused so many of you.
In: Technology
* Modern passwords work by a process called “hashing”.
* Hashing basically means:
* you take some input, like the characters someone enters for a password, and you shove it through a machine.
* That machine then spits out some new string of characters that doesn’t seem like it has anything to do with what was shoved in to start with.
* But the trick is that it does have some sort of connection.
* The only way to get that specific output is to feed in that specific input.
* So when you sign up an account with a website, they take the password you made up, shove it through their hash-machine and then store the output.
* So even if they get hacked, the hacker will only get the hash, not the password.
* But when you go back to the website and enter in your password their hash-machine will spit out the correct “hash” and since it matches with the one linked to your user name, they let you in.
* However, if a hacker was able to steal a complete list of all the hashed passwords for a site, they could build their own hash-machine and just start trying every possible combination of inputs to see if one of them spits out a hash that was in the list.
* This would allow them to make as many attempts as they want without running into the rate limit on the website.
* This is typically not easy to do though.
* So most hackers actually just try to trick you into giving them your password.
* Like sending you a link on Facebook that looks like it leads to a login-page when really it’s a fake website that just copies whatever you type in the password box.
* EDIT: Updated to more directly answer OP’s question.
Latest Answers