Comments on: Hash Passwords in C# and Visual Basic Using SHA-512 http://www.adventuresindevelopment.com/2009/06/02/hash-passwords-in-c-and-visual-basic-using-sha-512/ Web Development Tools, Ideas, Techniques and Resources Thu, 01 Dec 2011 17:36:40 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Matthew Paulson http://www.adventuresindevelopment.com/2009/06/02/hash-passwords-in-c-and-visual-basic-using-sha-512/comment-page-1/#comment-366 Matthew Paulson Fri, 01 Apr 2011 17:06:26 +0000 http://www.adventuresindevelopment.com/?p=126#comment-366 You cannot. Hashes are a one-way function. You cannot. Hashes are a one-way function.

]]> By: Akin Kenneth http://www.adventuresindevelopment.com/2009/06/02/hash-passwords-in-c-and-visual-basic-using-sha-512/comment-page-1/#comment-365 Akin Kenneth Fri, 01 Apr 2011 16:01:16 +0000 http://www.adventuresindevelopment.com/?p=126#comment-365 How do i get the original password back? How do i get the original password back?

]]> By: Matthew Paulson http://www.adventuresindevelopment.com/2009/06/02/hash-passwords-in-c-and-visual-basic-using-sha-512/comment-page-1/#comment-137 Matthew Paulson Sun, 08 Nov 2009 07:10:16 +0000 http://www.adventuresindevelopment.com/?p=126#comment-137 Thinkerly - Yep. You actually keep the salt in a separate non-encrypted record of the database. I think the general idea is to add something to lengthen your string so that (1) it's harder to crack, and (2) any predefined dictionaries of password-hash combinations would be rendered useless...but I'm not much of a security buff, I could be wrong. :-) Thinkerly – Yep. You actually keep the salt in a separate non-encrypted record of the database. I think the general idea is to add something to lengthen your string so that (1) it’s harder to crack, and (2) any predefined dictionaries of password-hash combinations would be rendered useless…but I’m not much of a security buff, I could be wrong. :-)

]]> By: Thinkerly http://www.adventuresindevelopment.com/2009/06/02/hash-passwords-in-c-and-visual-basic-using-sha-512/comment-page-1/#comment-136 Thinkerly Thu, 05 Nov 2009 04:54:42 +0000 http://www.adventuresindevelopment.com/?p=126#comment-136 Then, if the salt provides entropy and become part of the digest, how can you test the password against the digest? Wouldn't the password that needed to be checked against the digest also require the same salt? Then, if the salt provides entropy and become part of the digest, how can you test the password against the digest?

Wouldn’t the password that needed to be checked against the digest also require the same salt?

]]>