|
|
|
|
|
|
by sarciszewski
3913 days ago
|
|
|
> In that case they should just leave out the examples entirely. I'll consider it. > Also I'm not sure "password hashing" is any more descriptive than "password encryption." It absolutely is. Encryption is a two-way transformation of data. It is, by design, reversible. Hashing is one-way. Password hashing is a special case of hashing where you want it to be computationally expensive (even with special hardware at your disposal) to attack, but still perform well enough to interact with. Password encryption implies that a two-way transformation has taken place, and given the key, you should be able to reverse it. This is not within the scope of the requirements for secure password storage. |
|
|