Хэш, соль, как правильно хранить пароль в БД / Криптография для чайников, часть 2

🚀Become a qualified developer in 9+ months with IT employment — INCUBATOR: Front-end https://it-incubator.io/front-end/?ut... Back-end https://it-incubator.io/back-end/?utm... Participate in the GREENCARD giveaway https://greencard.it-incubator.io/ Top 5 books for programmers    • ТОП-5 книг, которые должен прочесть каждый...   Become a channel sponsor and you'll get access to exclusive bonuses. Learn more:    / @itkamasutra   You can support me on: Patreon   / itkamasutra   Boosty https://boosty.to/itkamasutra Support the project with a coin: https://social-network.samuraijs.com And here's free mutual aid: https://t.me/reactjs_samurai We're on social media. Social networks: https://vk.com/itkamasutra   / it.incubator   https://telegram.me/itkamasutra My personal VK and Instagram accounts: https://vk.com/d.kuzyuberdin   / dmitry.kuzyuberdin   0:00 Introduction: Why it's important to understand the topic 2:28 What is a hashing function, determinism, and irreversibility 7:00 Registration and authentication: Previously, plaintext passwords were stored in the database 9:50 Token 11:20 Hacker steals logins and passwords 15:30 Why not encrypt passwords? 17:30 Cryptographic hash functions in detail: irreversibility, determinism, high sensitivity, and collision resistance 21:25 Storing a password hash in a database instead of a password: how authentication works 25:00 Trying to get the desired hash by trying popular passwords 27:36 Rainbow tables 29:00 Salt: salting a password and why can't you prepare a rainbow table in advance? 31:50 Can you create a separate rainbow table for each password and salt? 34:00 Slow hash function 37:40 Example of a bcrypt hash 39:30 Final scheme for storing a password hash in a database 41:00 Need to continue? Content plans 42:00 Grow with us in our club https://it-incubator.io/dev-club