Adding Salt to Hashing: A Better Way to Store Passwords

Рет қаралды 23,837

OktaDev

Күн бұрын

Пікірлер: 47

@cryptoninjapay Жыл бұрын

Love how you broke this down into easy to understand terms. Great explanation!

@WillJohnsonio Жыл бұрын

Thank you!

@SmallvilleJW Жыл бұрын

This was an awesome explanation. Thank you for making things easy to understand! Great job 😎

@WillJohnsonio Жыл бұрын

Thanks!

@ash_tray_6 10 ай бұрын

Man, this video is awesome hahaha your shadowboxing had me laughing out loud. Also holy crap your production quality and visuals are top tier. I can't imagine how long this took. Definitely the most clear and easy to understand video I've seen on hashing, you explained all the concepts in a human way, and not like a robot way lol. Instant sub! Great job

@OktaDev 10 ай бұрын

Thanks for watching and subscribing! Glad to hear this video was helpful for you. If there are other subjects you'd like to see covered let us know!

@kacy6014 Жыл бұрын

Best explanation ever. Only thing I would add is that you can append the salt to the hash, then store that in the db. That way you don't need a separate salt column in the db.

@WillJohnsonio Жыл бұрын

Great point!

@heyt54 Жыл бұрын

Either way, if the attacker gets the DB he also has the salt for each user. What the point then to use a salt, unless you keep it _separate_?

@r3jk8 Жыл бұрын

excellent video! every programmer should be required to watch this video!

@OktaDev Жыл бұрын

Thanks for the feedback! We're happy to hear you found it helpful.

@theisegeberg 2 жыл бұрын

Nice to get some things that I was "sort of sure that's how it is" hammered in. Great video, and great pacing.

@OktaDev Жыл бұрын

Thanks for your feedback! We'll be creating lots of more content like this to cover more identity and security concepts :) Please subscribe to our channel if you'd like to see more.

@WillJohnsonio Жыл бұрын

Thank you!

@ezcreations777 Ай бұрын

this was great! Thanks so much for being a good teacher Will

@Mister2023-e7f Жыл бұрын

good work, just wanted to watch part of the video and watched until the end

@panteliskaramolegkos2693 8 ай бұрын

...and this is how educational content should be made

@stringpicker81 Жыл бұрын

Informative and actually quite entertaining to watch!

@dominuskelvin 2 жыл бұрын

Awesome tutorial Will

@OktaDev Жыл бұрын

Thanks for watching!

@WillJohnsonio Жыл бұрын

Thank Kelvin!

@user-cc8kb 6 ай бұрын

Great explanation! Thanks

@MuddazC Жыл бұрын

Informative and educational 😊

@mihirsawant8817 2 жыл бұрын

Spring Security in Java Ecosystem right, its not for js I think

@iBasskung 9 ай бұрын

Nice info! Thanks so much.

@OktaDev 9 ай бұрын

Thanks for watching!

@NikhilChandel-xy2sw 2 жыл бұрын

can Auth0 provide user level resource access control overriding existing roles/permission hierarchies..just because we don't want to create too many roles&permissions

@pifele 2 жыл бұрын

Very nice video, thnx!

@OktaDev Жыл бұрын

Glad that you enjoyed it! Thanks for watching!

@devin7161 Жыл бұрын

Great Video

@OktaDev Жыл бұрын

Thanks!

@clcl18cl18 2 жыл бұрын

Well done video and cool looking guy🙂

@OktaDev Жыл бұрын

😎 Thanks!

@christianwunder7396 Жыл бұрын

Thank you for this!

@lessermook7608 2 жыл бұрын

nice work

@OktaDev Жыл бұрын

Thanks!

@JasDosanjh-mj9co 6 ай бұрын

you said the salt is stored in plaintext?

@sabuein Жыл бұрын

Thank you.

@OktaDev Жыл бұрын

You are welcome. Thanks for watching!

@ricardotrejoruiz5776 Жыл бұрын

I don't understand how a salted password with random salt can match the saved hash on database.

@WillJohnsonio Жыл бұрын

Great question! The salt should be stored with the hashed password When the checking the entered password the salt is grabbed and added to the entered password The stored salt is added to the entered password then hashed and compared to the hashed password in the database. Does that help?

@ricardotrejoruiz5776 Жыл бұрын

@@WillJohnsonio oook, kind regards :)