Password reset security relies on the server storing only salted hash values, not the original passwords; this article explains why plain‑text storage is unsafe, outlines hash algorithm types, demonstrates MD5’s shortcomings, and provides Java code for generating SHA‑256 + salt hashes.
This article explains why servers cannot know your original password, covering the principles of password hashing, the difference between cryptographic and non‑cryptographic hash functions, the role of salts, and a Java example using SHA‑256 with salt to securely store passwords.
After hands‑on experience with both Salt and Ansible, the author compares their terminology, architecture, community support, speed, code structure, security, auditing, deployment, learning curve, and documentation, concluding that Ansible excels in ease of use while Salt offers superior scalability and performance for cloud environments.
This article explains the concept of front‑end slow encryption, why making password hashing deliberately slower improves resistance to brute‑force attacks, how to implement it with salts and variable work factors, and the trade‑offs in performance, usability, and server resource consumption.
This article examines common pitfalls in password storage—from storing plaintext or reversible encryption to basic hashing, salted hashing, and advanced key‑derivation functions—explaining why each approach can be vulnerable and recommending robust methods like PBKDF2, bcrypt, and scrypt.
