Password Security Terminology Research Task
Instructions
Read the resources provided on Moodle, and do your own research if necessary.
Answer the following questions IN YOUR OWN WORDS. A few simple sentences
for each answer to demonstrate your understanding are all that is required.
1. What is cryptography?
Cryptography is the practice of storing and transmitting data in a way
that is only legible to the intended party. An example of cryptography
would be hiding a message in an image, or encrypting its contents with
an algorithm that scrambles it.
2. What is the difference between password hashing and encryption?
Encryption is the practice of taking a plaintext password and changing its
contents according to an algorithm, which requires a key to decrypt it
back to its plaintext state.
Hashing is the practice of taking a plaintext password and turning it into a
fixed-length string of characters using a hash function. A hash cannot be
decrypted at all; its use is to compare the hash value of a given word with
the stored hash of the original to see whether they match.
3. Why should we hash passwords?
In the event of a system breach, if an attacker were to navigate to where
the passwords are stored, having them hashed stops the attacker from
changing the permissions and escalating the violation, as there is no way
to decrypt the hash sums that represent the passwords.
4. What is a salt in terms of security (rather than food)?
Salting a password means adding a set of random characters to the start or
end of the password so that the original password cannot be decrypted using
normal value-checking decryption. For example, ‘Bryan’ will have a
different hash value than ‘Bryan7$6_9IJ’, the latter being the original
password with the salt added onto it.
5. Why are MD5, SHA1 and SHA256 not recommended for protecting passwords?
These hashing algorithms are built for speed and to be light on hardware,
and that same speed benefits anyone trying to crack them.
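As an added illustration of questions 4 and 5 (this is not part of the original task or the answers above), the following Python script contrasts an unsalted fast hash with a salted, deliberately slow password hash and shows that verification re-hashes the attempt rather than decrypting anything. The sample password and the iteration count are assumed values chosen for the example.

```python
import hashlib
import hmac
import os
import time

# Constructed sample value for this example; not from the original page.
SAMPLE_PASSWORD = "Bryan"


def fast_hash(password: str) -> str:
    """Unsalted SHA-256, the pattern question 5 warns against.
    Every user with the same password gets the same digest, and one
    precomputed table of digests cracks all of them at once."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256: a per-user random salt plus a deliberately
    slow iteration count. Tune iterations upward for real deployments."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def make_record(password: str, iterations: int = 200_000) -> tuple:
    """What would be stored for one user: (salt, iterations, digest).
    The salt is random, so two users with the same password differ."""
    salt = os.urandom(16)
    return (salt, iterations, salted_hash(password, salt, iterations))


def verify(password: str, record: tuple) -> bool:
    """Check a login attempt. Nothing is decrypted: the attempt is
    re-hashed with the stored salt and compared in constant time."""
    salt, iterations, stored = record
    return hmac.compare_digest(salted_hash(password, salt, iterations), stored)


def guess_rate(hash_fn, seconds: float = 0.2) -> float:
    """Guesses per second one CPU core gets against hash_fn; this speed
    gap is the reason behind question 5."""
    count, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        hash_fn(f"guess{count}")
        count += 1
    return count / (time.perf_counter() - start)


if __name__ == "__main__":
    rec_a, rec_b = make_record(SAMPLE_PASSWORD), make_record(SAMPLE_PASSWORD)
    print("same unsalted digest:", fast_hash(SAMPLE_PASSWORD) == fast_hash(SAMPLE_PASSWORD))
    print("same salted digest:  ", rec_a[2] == rec_b[2])
    print("login ok:", verify(SAMPLE_PASSWORD, rec_a), "wrong:", verify("bryan", rec_a))
    print(f"SHA-256 guesses/s: {guess_rate(fast_hash):,.0f}")
    print(f"PBKDF2 guesses/s: {guess_rate(lambda p: salted_hash(p, *rec_a[:2])):,.0f}")
```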
6. What method should NEVER be used to store passwords?
A password should never ever ever ever be stored in plain text.
That’s just silly.
Brenna Bensley