“I’ll Have the Hash with a Dash of Salt”
If you haven’t been living under a rock for the past few years, you've probably had to create a password at some point for a website. What you may not have thought of, however, is how this password is stored on said website and how secure your profile actually is. As you will soon learn, some sites store passwords differently than others. This means that your password may be more safely stored on some sites than others.
If your password is stored in plain text, the strength of your password doesn't matter. If the site’s security is compromised, your password would be accessible to anyone.
A more advanced way to store passwords on the web involves encryption. According to LifeHacker, encryption uses a special key to turn your password into a random string of text. In this case, a hacker would need the encryption key and your password in order to access your account.
Unfortunately, the key is often stored on the same server as the passwords, meaning that if a hacker gains access to one they’ll automatically have the other. This makes this particular method still a poor choice where security is concerned. Again, the strength of your password here makes little to no difference if the hacker has the encryption key.
The more secure method of storing passwords involves hashing. Hashing also involves storing passwords as a random string of text. However, in this method you can’t run the algorithm backwards to get the original password. The problem with this method is that a hacker can still hash many candidate passwords and compare the results against the stored hashes, something computers are very good at. Even with a longer password, this method is still fairly vulnerable.
The fourth method is hashed passwords with a dash of salt. We’re not talking about your average dinner table salt here either. In this case, salt means adding a random string of characters to the beginning or end of your password before hashing it. This makes it very difficult for those salted hashes to be found in the tables hackers use to de-hash passwords. In this case the strength of your password definitely matters.
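The difference between a plain hash and a salted hash as described above, shown as an added Python example that is not part of the original post. The three-entry lookup table, the `salt$digest` record format and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny stand-in for a precomputed hash table.
COMMON = ["123456", "password", "letmein"]
TABLE = {hashlib.sha256(p.encode()).hexdigest(): p for p in COMMON}


def store_unsalted(password):
    """Plain hash: identical passwords always produce identical records."""
    return hashlib.sha256(password.encode()).hexdigest()


def store_salted(password, salt=None):
    """Put a random per-user salt in front of the password, then hash."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    # The salt is not secret; it is stored next to the digest.
    return salt.hex() + "$" + digest


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt_hex, _digest = record.split("$")
    candidate = store_salted(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, record)


def in_table(record):
    """True if the stored digest appears in the precomputed table."""
    return record.split("$")[-1] in TABLE


if __name__ == "__main__":
    print("unsalted found in table:", in_table(store_unsalted("password")))
    print("salted found in table:  ", in_table(store_salted("password")))
```

A single SHA-256 is used here only to mirror the description in the text; a production system would use a deliberately slow password-hashing function such as bcrypt, scrypt, Argon2 or PBKDF2, which take the salt as a parameter.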
While it may not always be possible to prevent hackers from breaking into a site, you can take certain measures into your own hands. Some of these include choosing secure sites to begin with, using a strong password, changing your password after a breach, and using a different password for every site.