11/1/2023 0 Comments 1 password authenticatorPerform user authentication where the user’s computer calculates the message digest of password and sends both user ID and password to the server for authentication.Rather than storing the password in unclear text format, calculate the message digest of the password and then store it in the user database.when a user enters a password, the users own computer run the algorithm on the password and sends the derived password to the server. to overcome from clear text password mechanism, this mechanism comes into the picture where an algorithm is run on the password and store the output of this algorithm as a password in the database. attackers can easily get access to the password. but what if an attacker gets access to this information while traveling from a users computer to a server computer, a user ID and password travels in clear text format. Password travel in clear text from users’ computer to server computer: if we store the user ID and password in an encrypted format, the first problem can solve. to avoid this, it is advisable to store the user ID and password in an encrypted format The database contains a password in clear text format: user database contains the user ID and password in clear text format, so if somehow attacker gets access to this user database, an attacker will get the kist of all user ids and passwords.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |