Two Steps to Protect Your Passwords
Conventional password security measures have become insufficient when massive data breaches frequently expose millions of users to hacking attacks. More than 92M customer records were recently exposed in the huge MyHeritage data breach. Even users with email addresses and salted SHA-1 password hashes were not safe.
While encryption is a two-way function of scrambling information in a way that only someone with a corresponding key can unscramble and read it, hashing is a one-way function, that involves the practice of using an algorithm to map data of any size to a fixed length. It is meant to verify that a file or piece of data hasn’t been altered — that it is authentic.
Salting is a unique value that can be added to the end of the password to create a different hash value. This adds a layer of security to the hashing process, specifically against brute force attacks, where a computer or botnet attempt every possible combination of letters and numbers until the password is found, as explained by thesslstore.com.
In October 2017, the genealogy website MyHeritage suffered a data breach. The incident was reported only seven months later after a security researcher discovered the data. In total, more than 92M customer records were exposed.
Why are you only hearing about this now? Sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly.
While encryption is a two-way function of scrambling information in a way that only someone with a corresponding key can unscramble and read it, hashing is a one-way function, that involves the practice of using an algorithm to map data of any size to a fixed length. It is meant to verify that a file or piece of data hasn’t been altered — that it is authentic.
Salting is a unique value that can be added to the end of the password to create a different hash value. This adds a layer of security to the hashing process, specifically against brute force attacks, where a computer or botnet attempt every possible combination of letters and numbers until the password is found, as explained by thesslstore.com.
In October 2017, the genealogy website MyHeritage suffered a data breach. The incident was reported only seven months later after a security researcher discovered the data. In total, more than 92M customer records were exposed.
Why are you only hearing about this now? Sometimes there can be a lengthy lead time of months or even years before the data is disclosed publicly.
No comments:
Post a Comment