19 septiembre, 2024

What is salting in crypto? | Bootcamps

Do you know what is the salting in cryptography and why is it a good practice in password storage? In programming, it is very common to have to manage user passwords, since there are many applications that have registration systems. However, people’s sensitive credentials must be handled carefully because they are susceptible to many cyberattacks.

A very common cyber attack consists of filter databases from a web application. This occurs when a site’s cybersecurity is not properly configured. Through a SQL injection attack or OSINT methods, it is possible to access sensitive databases and then use them maliciously.

It is common for users to use the same password for several of their accounts, since it is difficult to remember a different and complex one for each record. Therefore, when a database is leaked, attackers will use passwords found on platforms such as Google, Facebook, etc., in order to hack vulnerable accounts.

For all this, below, we will see what is the salting in cryptography and how it helps prevent these attacks.

What is salting in crypto?

To understand what is salting In cryptography, you need to know that the best way to store a password is save your hash code, prepared by means of a cryptographically secure algorithm. In this way, the authenticity of the user’s session can be verified without having to directly save password data.

It is important to use password-safe hash functions, since some are not. However, it is useless to have the most sophisticated hash function if a user uses passwords that are too easy, such as «1234», «0000», «password», «qwerty», etc.

He salting It is a technique that consists of adding a random factor to each hash so that an attacker cannot predict it, even though the user’s password is not the most complex. Instead of hashing just the password value, the «salt» is a random string of data that is added to the message before passing it through the algorithm.

The systems they use salting complicate dictionary attacks and completely prevent password cracking via rainbow table attacks. Therefore, it is recommended as a measure to protect those users who choose passwords with intermediate difficulties and who, perhaps, are reusing them everywhere.

Key derivation function

You already know what he is salting in cryptography. Now, we will mention another method that is based on the salting to strengthen the security of key storage.

Although the salting is a system that reinforces the security of the hash codes of passwords in a database, a key derivation function is an even more strengthened mechanism. It was specially designed for hashing passwords and is very resistant to brute force attacks. Calculating the hash of a password with this method takes a little longer, which has been done with the intention of making third-party cyberattacks more difficult.

How to learn more?

Now you know what salting is in cryptography and why it is good for making secure password storage. If you want to learn more and specialize in cybersecurity, we have the best option for you. Don’t hesitate to join the Full Stack Cybersecurity Bootcamp and become a true expert in less than 7 months. What are you waiting for? Sign up now and stand out in the IT sector!

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *