Any time an application stores a password as cleartext, its value is potentially exposed in a variety of ways. Obviously this exposure must be limited. While a program will receive the password from the user as cleartext, this should be the last time it is in this form. Hash functions allow programs to indirectly compare an input password to the original, without storing a cleartext or decryptable version of the password. This approach will therefore minimize the exposure of the password without presenting any practical disadvantages.

Cryptographic Hash Functions

The value that a hash function outputs is called the hash value; another term for it is message digest. Hash functions are computationally feasible to compute, but their inverses are computationally infeasible. In practice, this means that a program can encode a password to a hash value quickly, but the hash value cannot feasibly be decoded back to the password.
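The indirect comparison described above, as an added example that is not part of the original page: only a random salt and a digest are stored, and a login attempt is checked by re-hashing the input and comparing digests. The names `hash_password`, `verify_password` and `CredentialStore` are hypothetical, and the use of salted PBKDF2-HMAC-SHA256 (rather than a single bare hash) and the iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). These two values are all that is ever stored."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(candidate: str, salt: bytes, stored_digest: bytes) -> bool:
    """Re-hash the candidate with the stored salt and compare the digests."""
    _, digest = hash_password(candidate, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, stored_digest)


class CredentialStore:
    """In-memory stand-in for a user table (hypothetical, for illustration)."""

    def __init__(self) -> None:
        self._records: Dict[str, Tuple[bytes, bytes]] = {}

    def register(self, user: str, password: str) -> None:
        # The cleartext is used once here and never kept.
        self._records[user] = hash_password(password)

    def login(self, user: str, password: str) -> bool:
        record = self._records.get(user)
        if record is None:
            # Do the same work for unknown users so timing does not reveal
            # which account names exist.
            hash_password(password, b"\x00" * SALT_BYTES)
            return False
        salt, stored_digest = record
        return verify_password(password, salt, stored_digest)
```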

...