Protect passwords like a PRO!

Understanding password protection

It is very easy to create a website these days, but it is becoming harder to guarantee your customers complete security when they are signed in. One question many people have is: what do our passwords look like to businesses? Here's a little background on password protection and the many layers that make some of the pros, like Dropbox, so secure.

Plain Text

  • Passwords can be seen 
  • Unsecured

Encryption

  • Underneath the encryption there is still a plain text password
  • Can be decrypted to reveal a password
  • Requires encryption keys

Hashes

  • A string of text that always has the same length
  • One-way 
  • Don’t store the actual password
  • Rainbow tables (lists of pre-computed hashes to find weak and commonly used passwords)
  • Salt can be added
    • Random data added to the end of a password
  • bcrypt, scrypt, Argon2 (password + salt + cost)
    • Cost defines the number of rounds the algorithm goes through
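
Salt and cost in practice, as an added example that is not part of the original post: it uses scrypt from Python's standard library, and the record format, parameter values and sample password are assumptions chosen for illustration. Two users with the same password get identical unsalted hashes (which is what a rainbow table relies on) but different salted ones.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters for this example; raise N (the cost) as hardware allows.
N, R, P = 2**14, 8, 1
MAXMEM = 64 * 1024 * 1024  # memory ceiling passed to OpenSSL's scrypt


def unsalted_hash(password: str) -> str:
    """Fast, unsalted hash: equal passwords always produce equal output."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'n$r$p$salt$hash' (hex) so each record carries its own salt and cost."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P,
                            maxmem=MAXMEM, dklen=32)
    return f"{N}${R}${P}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and cost, then compare in constant time."""
    try:
        n, r, p, salt_hex, hash_hex = record.split("$")
        expected = bytes.fromhex(hash_hex)
        candidate = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                                   n=int(n), r=int(r), p=int(p),
                                   maxmem=MAXMEM, dklen=len(expected))
    except ValueError:
        return False  # malformed or truncated record
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Two users pick the same (constructed) password.
    alice, bob = hash_password("correct horse"), hash_password("correct horse")
    print("unsalted equal:", unsalted_hash("correct horse") == unsalted_hash("correct horse"))
    print("salted equal:  ", alice == bob)
    print("verify ok:     ", verify_password("correct horse", alice))
    print("verify wrong:  ", verify_password("wrong horse", alice))
```

Storing the cost parameters inside each record lets the cost be raised later without invalidating older hashes.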

Dropbox uses multiple layers of security: Password + Hash + bcrypt + Encryption (the encryption key is not stored in the database).

Dropbox Security
