In password authentication, most developers generate a hash value from the password. A hash function gives every word its own hash value, so if two users have the same password, both have the same hash value for their password. The solution is to generate a salt value for the password. Before the hash is generated, the salt value is appended to the password. The salt value is not a secret value. For validation, both the hash value and the salt value must be known to the developer.
The following article on user authentication describes this clearly, with sources:
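The effect of the salt, as an added example that is not code from this post or from the linked article: two users with the same password get identical unsalted hashes but different salted records, and validation recomputes the hash from the stored salt. It assumes PBKDF2-HMAC-SHA256 from Python's standard library as the hash function (a swap-in for the plain append-then-hash step described above); the function names, iteration count and sample passwords are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example, not from the post


def unsalted_hash(password: str) -> str:
    """Plain hash with no salt: equal passwords always give equal digests."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def create_record(password: str) -> dict:
    """Generate a fresh random salt and store it next to the derived hash."""
    salt = os.urandom(16)  # per-user and random; it is stored in the clear
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, record["iterations"]
    )
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    print("unsalted equal:", unsalted_hash("hunter2") == unsalted_hash("hunter2"))

    alice = create_record("hunter2")
    bob = create_record("hunter2")
    print("salted equal:  ", alice["hash"] == bob["hash"])

    print("correct login: ", verify("hunter2", alice))
    print("wrong password:", verify("hunter3", alice))
```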
https://crackstation.net/hashing-security.htm#normalhashing