passwords
how are passwords stored of each individual users in web sites like orkut/yahoo etc. ????if it is stored in the orignal form will not be very easy for the administrators to obtain them ???
Replies
-
Kaustubh Katdare
Passwords are usually stored in encrypted form. Therefore, even the administrators cannot read your passwords.abhimanipalhow are passwords stored of each individual users in web sites like orkut/yahoo etc. ????if it is stored in the orignal form will not be very easy for the administrators to obtain them ???
On CrazyEngineers, the passwords are stored in encrypted form. The administrator can only reset your password. This is to ensure that your privacy is protected.
I hope this answers your question.
-The Big K- -
Prasad AjinkyaA safer method for saving passwords would be hashing them and storing the hash key ... a la md5. Thus, the sanctity of the password remains only with the user who has input it. When the user is inputting this in through a form, there should also be a client side .js file which can convert the pswd into a hashkey and then submit this over the net. Thus, the actual password is never transmitted on the net. howzzat?
-
A SudhaKarYa What admin says is correct,
As me to a Admin in other site,
@ any rate the Admin or any one could not able to see the password of their users.
Rather he/she can reset or Give New Password.
Bcoz passwords are the only hidden thing by machines in the form of encryption , decryption , authorization etc...
Where Human Contnously try to waste trying by haking ...
Hope So, It helped
Regards,
A.Sk... -
Anil Jain
Am not a hacker.. BUt for your kind information I read siomewhere that seemingly great MD5 files can be hacked.. (although its tough to solve factorial 20 combination.. ) but I can write a program for facorials and break it.. Am I CRAZY on this.. or this is impossible.. ???kidakakaA safer method for saving passwords would be hashing them and storing the hash key ... a la md5. Thus, the sanctity of the password remains only with the user who has input it. When the user is inputting this in through a form, there should also be a client side .js file which can convert the pswd into a hashkey and then submit this over the net. Thus, the actual password is never transmitted on the net. howzzat?
Your comments...???
--crazy -
pad
Dear Crazy... well that is a cray idea but certainely not something new...crazyboyAm not a hacker.. BUt for your kind information I read siomewhere that seemingly great MD5 files can be hacked.. (although its tough to solve factorial 20 combination.. ) but I can write a program for facorials and break it.. Am I CRAZY on this.. or this is impossible.. ???
Your comments...???
--crazy
i'll describe first the shadow mechanism from the Unix world and tell you what is possible and what is not.
when i change/set my password system computes a hash using a "salt" to add computational complexity. i.e. same algorithm with same password will not generate the same hash without using same salt. so if i add a 10 bit salt i can have about 1024 different hashes for the same password with same hashing algorithm.
my password is never ever saved on a host.
now breaking the password (well this is wrong to say.. right is find the loophole in password verification method... but for the sake of siplicity we'll use the term u use).....
what is possible... well write a program that computes hash for all the stings supplied to it with all the possible salts and compare the results with the hash at hand if hash matches then u've broken the password.
sounds simple... right... ? to me too theoritically...
now do some mathematics and compute how much time is required to braek a password of length 8 characters and every character can be one of 80 possible characters. (if i am right it is 80*80*80*80*80*80*80*80=1,677,721,600,000,000 combinations) now multiply it with 1024 (1,717,986,918,400,000,000) to accomodate salts...
if we compute 1,000,000 passwords a second we require 1,717,986,918,400 seconds, which equals 828504.49 days or 2269.87 years.... of course the worst case scenerio... average case about 1000 years...and best case you already know the password
how crazy this seems to you now...😉 -
A SudhaKarpad really your infos with explanations were sounds good.
I got cleared perfectly.
Regards,
A.Sudhakar... -
miteshmananihey recently i saw ankit fadia on televion on some of the news channel and demontrated on hacking of passwords quite easily.
that is supposed to be caled as Ethical Hacking.
Can ne one contribute information on what "Ethical Hacking" actually.
I appreciate the above information conveyed is fantastic and does take years to break password but then how that person could do it? -
pad
i'm no authority on Ankit Fadia... why dont you try and find something on him in Real IT security groups...miteshmananihey recently i saw ankit fadia on televion on some of the news channel and demontrated on hacking of passwords quite easily.
that is supposed to be caled as Ethical Hacking.
Can ne one contribute information on what "Ethical Hacking" actually.
I appreciate the above information conveyed is fantastic and does take years to break password but then how that person could do it?
i found following...
#-Link-Snipped-#
Ankit, DOS what?
no insult meant... no personal grudge... -
miteshmanani
wooohh...that was like a rocket fired no sooner you might have seen his name. neways m no fan of him. just requested a peice of infomation on ethical hacking.padi'm no authority on Ankit Fadia... why dont you try and find something on him in Real IT security groups...
i found following...
#-Link-Snipped-#
Ankit, DOS what?
no insult meant... no personal grudge... -
kalyan553computer stores password hash key instead of password
You are reading an archived discussion.
Related Posts
Funny that no one posted about Music, yet 😁.
I still remember during my engineering days, I got hooked onto Trance and Techno ... twas my 3rd semester, when I...
well!this is an era of hi-fi technology.and today's human being's virtually eat,drink&sleep tecnology!wait,i mentioned sleep,rite?:sleeping:
yes!i did mention sleep! ie. what i mean to say is that howmuch ever technology...
CEans!
I wish a very HaPpy & Prosperous New Year to all Crazy Engineers! May the new year bring you lots of exciting times & success. Let us create a...
I'm sure, this one is going to touch your emotions. 😁
Lately, I've met many die-hard Microsoft haters who think Microsoft products are all screwed up. This thread is dedicated...
why such a particular selections of keys to unlock in xp ?????is it randow or is there some reason ????