What is a Password?
A password is like a secret key we use to access our online accounts, such as email, social media, or banking services. Protecting these passwords is essential to keep our personal and professional information secure.
What is "hashing"?
Imagine a machine that transforms a word or phrase into a unique code made of numbers and letters. This machine applies a function called hashing. When you enter a word into it, you get a unique result that cannot be reversed to discover the original word.
A Simple Example: Making a Cake
Think of baking a cake. You start by mixing ingredients in a specific order, but once they are mixed and baked, the result is a cake whose exact ingredient sequence is impossible to figure out. Similarly, hashing transforms your password into a code that does not allow the original password to be recovered.
For example:
- Original Password: Segur@123
- Generated Hash: 5f4dcc3b5aa765d61d8327deb882cf99
Even if someone has access to the hash 5f4dcc3b5aa765d61d8327deb882cf99, they cannot figure out that the original password is Segur@123.
How Does Password Hashing Work?
- Hash Creation: When you create an account and set a password, the system applies a hashing function to your password, generating a unique hash.
- Secure Storage: Instead of storing the password in plain text (as some older systems still do), the system only stores the generated hash.
- Verification During Login: When you enter your password to log in, the system applies the hashing function to the password you typed and compares the new hash with the stored one. If the hashes match, access is granted.
Why Does Hashing Protect Passwords?
- Irreversibility: Hashing functions only work in one direction. It’s not possible to take the hash and discover the original password.
- Security in Case of Data Breaches: If a hacker gains access to the database, they will only find password hashes, not the passwords themselves.
"Salting" – Extra Security
To make the process even more secure, some systems use a technique called "salting." This means adding extra information to the password before applying hashing, like a secret ingredient in a recipe. Even if two people use the same password, the hashes will be different because of the salting.
Simplified Example of "Salting"
- Original Password: Segur@123
- Random Salt: XyZ!@#
- Password with Salt: Segur@123XyZ!@#
- Generated Hash: e99a18c428cb38d5f260853678922e03
By adding this "salt," the hashing process becomes even more secure and resistant to attacks.
Conclusion
Password hashing is essential for protecting your online information. By transforming your passwords into irreversible codes and using techniques like salting, systems ensure that even in cases of data breaches, your passwords remain secure.
At Kangaroo Files, we take security very seriously. We use hashing and salting to store your passwords in the most secure way, along with the most advanced encryption and storage techniques to ensure your data is always protected.