Re: gettin back crypted password

The way to use crypt for passwords is to apply it to an offered password and see if the crypted hash matches the stored one. That way, the password is stored nowhere on the machine. That is a feature.

It all works because the encryption is irreversable.

After Compline,
Zaxo

Comment on Re: gettin back crypted password

Replies are listed 'Best First'.
Re^2: gettin back crypted password by Anonymous Monk on Mar 08, 2005 at 05:31 UTC
Actually, it works because the encryption is well-defined. You can't decrypt because the encryption is irreversible.	[reply]
Re^3: gettin back crypted password by inman (Curate) on Mar 08, 2005 at 09:41 UTC
To be completely pedantic, the password is not encrypted at all. It is tansformed using a one-way cryptographic hash function that has been designed to have a low (close to zero) incidence of collision for any data. Examples include MD5 and SHA-1 algorithms.(A useful background at http://www.schneier.com/essay-074.html) If the Data was encrypted then it would have been transformed into another form in such a way that it could be decrypted at a later time. As such, you can't have irreversible encryption.	[reply]