Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: PastorBooks

There’s another way the press usually gets it wrong. Passwords aren’t encrypted, they’re hashed.


7 posted on 07/04/2011 4:27:14 PM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 4 | View Replies ]

To: antiRepublicrat
> Passwords aren’t encrypted, they’re hashed.

Generally true. But strictly speaking, it depends on whether the cleartext password can be obtained from the other. If so, it was encrypted. If not, it was hashed. Hashing is forward-only, and often adds or discards selected information, while true encryption maintains all original information intact and therefore can be reversed (decrypted).

There's generally no good reason to encrypt passwords; hashing is sufficient since the auth test is usually just a match of the hashed forms.

But hey, Unix crypt(3) is really just a hash, using the supplied password as a 56-bit key to the DES Data Encryption Standard working on a block of all-zeroes. So the naming confusion has a long-standing basis... :)

8 posted on 07/04/2011 4:59:39 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 7 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson