📚 Topic Summary
Secure password storage is crucial for protecting user data. Salting and hashing are two fundamental techniques used to achieve this. Hashing transforms a password into a fixed-size string of characters, making it unreadable. However, hashing alone is vulnerable to attacks like rainbow table attacks. Salting involves adding a unique, random string to each password before hashing. This makes it much harder for attackers to crack passwords, even if they obtain the hashed values. Together, salting and hashing provide a robust defense against password theft and unauthorized access.
Proper implementation of salting and hashing significantly enhances system security. Choosing strong hashing algorithms and generating sufficiently random salts are essential best practices. Regular security audits and updates further ensure the ongoing protection of sensitive data.
🧠 Part A: Vocabulary
Match the terms with their definitions:
| Term |
Definition |
| 1. Hashing |
A. A random string added to a password before hashing. |
| 2. Salting |
B. An algorithm that transforms data into a fixed-size string. |
| 3. Rainbow Table |
C. A precomputed table for reversing cryptographic hash functions. |
| 4. Cryptography |
D. The art of writing or solving codes. |
| 5. Brute-Force Attack |
E. A trial and error method used to decode encrypted data such as passwords. |
✍️ Part B: Fill in the Blanks
Complete the following paragraph using the words: salt, hash, secure, algorithm, password.
To store a __________ safely, you should never store it directly. Instead, use a hashing __________ to transform the __________ into a seemingly random string. To make it even more __________, add a unique __________ to each __________ before you __________ it.
💡 Part C: Critical Thinking
Explain why using the same salt for all passwords in a database is a bad security practice. What are the potential consequences?