What is password hashing really about

What is password hashing really about - Java Brains

Рет қаралды 50,678

Күн бұрын

When you enter a password to sign in to a website, what exactly happens there? What exactly is the site doing when it verifies if the password is correct? And what is it verifying against? Most websites don’t store your password directly, but they hash it instead. So, what exactly is password hashing? In this video, we will dive into the world of passwords and encryption and hashes and hacking and data breaches. And you’ll learn what password hashing is really all about.
Java Brains website: javabrains.io
#JavaBrains #BrainBytes #WhatIs #password #hashing #bcrypt #Java #Tutorial #Concept

Пікірлер: 77

@jatinchawla7687 4 жыл бұрын

Sir we have only one heart... How many times do you plan to win it!! Amazing explanation..

@sunitan6310 4 жыл бұрын

As always, you make complex topics understandable to even children. Thank you very much for these tutorials

@meow5861 Жыл бұрын

wow! Best explanation on password hashing and encryption I've ever found on youtube. Thank you very much for this tutorial.

@ipsitamajumder 4 жыл бұрын

Hello Kaushik . Thanks a ton for all your videos and beautiful explanation of the topics. It immensely helped me in preparing for my interviews and getting selected as well in a few companies even with a maternity (and chilcare) career break of 5 years . Kudos! :-)

@AakashSarraf 2 жыл бұрын

Simply wow !!! There couldn't be a simpler explanation of hashing than this..

@MadanNeelapu 4 жыл бұрын

Superb explanation bro :-) Explained so well that even a non-techy can understand. Waiting for the next one. Thank you so much. Pls give a byte about Reactive Programming Paradigm. Most of us having trouble understanding it.

@faisalrahman1405 2 жыл бұрын

H Kaushik. I signed in to just to let you know how helpful and wonderful your videos are. Thank you very much for such clear illustrations.

@arthurhenkin5437 2 жыл бұрын

Very good explanation, thank you very much! Many videos on the youtube are boring but this one isn't made me bored, it made me interested!

@rajkumarbhakthavachalam4879 4 жыл бұрын

Cristral clear explaination. Thank you Kousik. You are great.

@shashankbarole 4 жыл бұрын

Very informative and explained it in simple language. Thank you sir

@chethan93 4 жыл бұрын

Like always. Happy to watch your videos!!

@pclp3202 3 жыл бұрын

Great explanation sir. Please post & share more knowledge like this in "Brain Bytes" & "Java Interview coding challenges" playlist to your followers & fans :)

@ramanytube 3 жыл бұрын

Simple & Clear explanation Sir.

@ankitshah4211 4 жыл бұрын

simple, clear explanation as always

@moinakram4610 4 жыл бұрын

Excellent one Koushik . Can u explain with a example using spring Boot JDBC and MYSQL and hashing for authentication

@rajkhare5949 2 жыл бұрын

awesome explanation.....thanks for uploading such a nice video!!!!!

@PritamKumar-jh4te 4 жыл бұрын

Hello Sir, Eagerly waiting for your next video on 'Salting'. Please upload it.

@smartguy3k 3 жыл бұрын

Thank you so much for explaining it so well.

@sumitdas-kr6fe 4 жыл бұрын

very good explanation... i was always confused on this topic.

@bobwiggans4915 2 ай бұрын

Excellent explanation - thank you very much!!

@fareedmahar2587 4 жыл бұрын

Love You Sir Great Explanation.

@alokrm 4 жыл бұрын

very nice explanation. easy to understand.:)

@santoshdudhe5117 4 жыл бұрын

Very good explanation, i am huge fan of yours

@michellegutierrez4690 2 жыл бұрын

Thank you so much! You explain so easy

@laxmanbafna3127 2 жыл бұрын

superb explanation. just amazing

@taciturnip 2 жыл бұрын

Very well explained. Thank you.

@AkashVermaNITian Жыл бұрын

So In a nutshell - Encryption doesn’t serve the purpose of saving password on the app-server as it may lead to safety-breach!! This is because a pvt key is used to decrypt back the password in P.T. so that can be validated against incoming login request. This pvt key can also be stolen by someone who is having access to application DB or by a hacker. ( Its like saving your jewels in a safe and then keeping the safe-key beside the safe itself). Hence it (encryption mechanism) is still insecure. So, just remove this dependency over pvt key encryption mechanism. Solution: "Hashing"!! which creates a scrambled hash of a given password. And it will always generate the same hash for a particular password.(This is repeatable property of hashing, which is critical). Now the app-server doesn’t even need to store your password. While registering on the site, it simply creates the hash of your password and saves the hash (NOT THE PASSWORD). Now next time whenever you login, simply generate the hash of the incoming password and compare with the stored hash for authentication. #problemsolved!

@alihasanmulji370 4 жыл бұрын

Easy To Understand Good JOb!!!

@krishanuchakraborty3500 4 жыл бұрын

Such beautifully explained

@NIKHILKOMMURI 2 жыл бұрын

Unbeatable Explanation !!!!!

@ashoksoftware1664 4 жыл бұрын

Nice explanation sir @techrockstar and waiting for what is salting video.

@123deepakkakkar 2 жыл бұрын

Excellent explanation, Great.

@cherry1431 2 жыл бұрын

Hi Kaushik, that was a very clear explanation thanks a bunch. Can you please explain on salt n pepper as well. If already uploaded i cannot find the video on that.

@AminHasan85 4 жыл бұрын

Great explanation.

@rohithbti2k7 4 жыл бұрын

Amazing...too good. Thanks

@vaibhavkumararya 4 жыл бұрын

Good one

@vishwasatrey7096 4 жыл бұрын

Sir, can you do some tutorials on keyclaok? Please!

@ankit-gupta 3 жыл бұрын

Just wondering, why does a hacker always need to have an eye patch in your videos? 😂 Just kidding, your content is extremely good and helpful 👍

@chandratapkar7893 4 жыл бұрын

Great stuffs..

@sna241 3 жыл бұрын

I am looking forward to your salting video. In case if it is already uploaded and I failed to notice it, can someone please point me to it? Thank you.

@jatinnandwani6678 2 жыл бұрын

Thanks so much

@AkashVermaNITian Жыл бұрын

Mazaa aa gya!

@skullwise 4 жыл бұрын

Another great explanation. Love from Canada. #KaushikNo1Fan

@sreesri8492 4 жыл бұрын

I think your number is 2, 1 is me(from India)😋

@franklinquispegarces9692 4 жыл бұрын

When will be the next video? How can I implement Bcrypt in Spring Security?

@kushgupta6416 2 жыл бұрын

please explain salt logic also. as hashing alone is also not fully safe as if 100 people uses same password hash will remain same for all of them. which might give attacker some hints

@varunraj1862 Жыл бұрын

Hi Kaushik. Thanks for the information. Still waiting for salting video 😅

@vinodkvenugopal 2 жыл бұрын

Hi Sir, What if hashed value is hacked from database and fed as user input bypassing hash function?

@terrormapu 4 жыл бұрын

Thanks man

@vanchanr3777 4 жыл бұрын

sir what about hash collision?

@JaNaMSoNi 4 жыл бұрын

BCrypt create different hash for the same text So it doesn't fullfill 1st property of hashing which you mentioned.

@thomasandolf7365 4 жыл бұрын

that is because bcrypt adds something called a "salt" that is some extra values so everytime you encrypt the same text you get a different hash. But if you provide the same salt then you will get the same hash value.

@ssuresh237 4 жыл бұрын

Sorry I am a beginner. But what is the point of adding different value as salt and ending up in different hash values?

@eric000 4 жыл бұрын

@@ssuresh237 wait for the next video by java brains😎 that will be covered under salting.

@ssuresh237 4 жыл бұрын

@@eric000 okay👍 Thanks. 🙂

@nandini.nelson 4 жыл бұрын

Is it not possible for hackers to get the hash function? By phishing the hackers may get the original text from user. How to add security in that case.

@gobindrawat3496 3 жыл бұрын

Dear Sir , how exactly passwords get transferred from web application to LDAPs? Thnx

@monsterhuntergo Жыл бұрын

Hi Kaushik, I cannot see the salting video tutorial..?

@kirankutte7073 Ай бұрын

you said for when we tried to same input string,we always have same Bycrypt code.But when i use Bycrypt generator tool,its giving me different code for the same input.Please clarify this!

@bunthaideng2492 4 жыл бұрын

How to be an expert of researching some like that the same as you?

@forgiveness_denied 4 жыл бұрын

good topic! but it stores hash from different passwords, because when I’m trying to change my pass, it says that this pass was already used once, how can it be explained? thanks

@MrArchitgoel0877 4 жыл бұрын

Pretty simple..it checks your new password hash value with the one already stored in database as hash value is unique it will give you an error that you have to choose different password..or it depends on the implementation of the website that can store your 5 previous passwords to refrain you from using any old passwords..

@forgiveness_denied 4 жыл бұрын

@@MrArchitgoel0877 I hate it !! but it makes sense now ! thanks

@moestietabarnak 4 жыл бұрын

@@MrArchitgoel0877 just a note: hash value is NOT unique, It's in facts why it's not reversible. because many different input can give the same hash, you cannot reverse and find the original password. but you can find one that would hash to the same value. (it would take a LOT of times to do though. It's mathematically impossible, proof: let say you have a hashing value on 64 bits, ie: 2 exponent 64, you can make your hash different for any value between 0 and 2^64 ... but as soon as you put a 2^64 +1 value, you guarantee duplication.

@swagatikasahu1434 2 ай бұрын

I could not find any video of Salting in your channel

@angulardesign7412 3 жыл бұрын

how to do salting plz make a video on that

@SouravendraKrishnaDeb 4 жыл бұрын

YES. GIVE ME.

@AzizSdiri 2 жыл бұрын

I don't understand how you always get the same hashes for the same strings yet hackers are still unable to reverse it. doesn't that mean that there is an algorithm repeating the same work?