0

Purpose of password encryption

I was wondering why do web applications encrypt the passwords when saving them to the database? If someone has access to the database, he can change the password if he wants. Then why should we encrypt passwords?

9th Jun 2021, 4:06 PM
tibi
tibi - avatar
4 Respuestas
+ 3
In real world or in bigger organization security place a vital role. You can't assure that db can be accessed only by authorised person, ideally we won't store password in db , it should be stored in vault. But if we stored in db then it should be stored in a encrypted way. https://www.codeproject.com/Articles/425150/Beginners-guide-to-a-secure-way-of-storing-passwor
9th Jun 2021, 4:13 PM
Nanda Balakrishnan
+ 1
Normally when hacker hacks database he doesn't get full access to database. He can just read other user's data. If passwords will not be hashed then he can easily get passwords and can access whole data of that user. If hacker get full access to database like modifying it then he can change it. If he will change it then real user can easily recover it. And access by hacker will be lost. We have make everything as secure as possible.
9th Jun 2021, 5:21 PM
🌀 Shail Murtaza شعیل مرتضیٰ
🌀 Shail Murtaza شعیل مرتضیٰ - avatar
0
@Nanda Balakrishnan Yes but the unauthorized person can easily change the password if he has access to the database
9th Jun 2021, 4:35 PM
tibi
tibi - avatar
0
Yes tibi if they get access it gone , but organization has security team to avoid hacks , intruders, etc. https://www.clicdata.com/blog/5-ways-to-prevent-unauthorized-access-of-your-company-data/ Read above blog will help you out.
9th Jun 2021, 4:56 PM
Nanda Balakrishnan