Hash Slinging

To most people, passwords are their life, they store all of their most valuable information behind a password. Whether it be entering ones house with a key or combination lock to logging into their phone with a pin, fingerprint, or face recognition, passwords are everywhere. Most people don’t realize the security and technology behind these methods and take it for granted the power being used to keep their information safe. Behind all the physicality of these locks, in the backend of each lock or wall, the passwords are being hashed or encrypted so hackers, even if they break in, can’t access your password, and let’s be real, most people use the same or almost identical passwords for pretty much everything.

What is hashing?

When a password is hashed the plain text of your password is scrambled and a new unique string of characters, numbers, and letters is produced to be stored in place for your password. This unique method of hashing is a one way function that that can’t be undone to reveal the original password. It is like a smoothie blender where you take all your ingredients and blend them into a smoothie, once it is blended it can’t be unblended and put back into the original ingredients. If a hacker were to break in and steal the hashed passwords, they would need to guess each password correctly in order to reveal what the actual password is, there is no algorithm that could unscramble the hashes once they are hashed.

What is encryption?

Encryption is different from hashing in that it is a two-way function in such that once your password is scrambled, it can be unscrambled and put back into its original form, which is decryption. Encryption is securing personal information like passwords, credit card numbers, or really anything you want to store away from hackers. When something is not encrypted it is just plain text, after it is encrypted it is called ciphertext. If a hacker were to break in and see plain text the password would literally be written out for them, but ciphertext is scrambled and can’t be read properly by a hacker, it is only visible to someone who has the proper key or password to decrypt it.

There are two different types of modern encryption, symmetric and asymmetric. They differ in that symmetric encryption uses one key, called a secret key, to encrypt and decrypt which is given to both the user and the server and is identical, while asymmetric encryption has two keys, a public key shared to the user for encryption to scramble the information coming in from the user and a secret key for the administrator for decryption to decrypt the data coming in so that the shared information between the two parties is protected.

What are some differences between hashing and encryption?

• Hashing is a one way function and can’t be undone, while encryption is a two way function and can be decrypted.
• A hashed value has a fixed length, while encryption does not have a fixed length.
• Hashing is more secure than encryption in comparison.