(skeletor is leading by example by adding that unnecessary apostrophe…)

  • GiveOver@feddit.uk
    link
    fedilink
    arrow-up
    4
    ·
    8 months ago

    If you’re a company, you should save your users’ passwords as “hashes” which is like a scrambled up version, so if your data gets stolen the hackers will have to unscramble all the passwords which takes a long time. Some naughty companies don’t do this and save their passwords as plain text. The person above is presumably talking to developers to remind them not to be naughty

    • Kairos@lemmy.today
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      8 months ago

      I’m saying that password dumps are usually hashed passwords anyway, so there won’t be commas just base 64 along with usernames and other stuff that probably doesn’t contain commas.

    • Agent641@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      8 months ago

      For the benefit of the person above you, thats not to say that hashed passwords are unbreakable, because hackers can build a thing called a rainbow rmtable where they hash a bunch of known passwords, words, and phrases, and then can compare their rainbow table agains a stolen hash to learn what the starting value might have been. Thats why a complex password is very useful