Hash Function Overview: Part 2
This post continues from my previous post, which gives an introductory overview of what a hash function is (also loosely known as hashing, or a hash algorithm).
In this post, I’ll discuss a specific example where SendThisFile makes use of a hash algorithm.
At SendThisFile a hashing algorithm is used to store your account password. When you navigate to our free registration page, you are requested to enter a password. That password is sent — encrypted — to our servers and from there we run it through a hashing algorithm to generate a hash string of your password. From that point on your original plain text password is completely forgotten!
We store only the hash of your password in our database. By doing this, if our database server were ever compromised, the “bad guy” would at most be able to obtain the hash of your password. And from the previous article, we learned that given only a hash string, you cannot reproduce the original plain text that was used to generate the hash — so your password is kept safe.
It is important to note that not even our own computer programmers are capable of recovering your password, given only the hash string. That’s why on responsible sites like SendThisFile, if you forget your password, you must go through a password reset process — as there simply is no way to recover the original.
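The flow described above (hash at registration, compare hashes at login, reset instead of recover), as an added Python example that is not SendThisFile's code. The post does not name the algorithm, so salted PBKDF2-HMAC-SHA256, the iteration count, the in-memory `accounts` store and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; the post does not state one

# Constructed in-memory stand-in for the accounts table: only salt + hash are kept.
accounts = {}
_DUMMY_SALT = secrets.token_bytes(16)  # used so unknown usernames cost the same time


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a one-way 32-byte hash with PBKDF2-HMAC-SHA256 (assumed algorithm)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def register(username: str, password: str) -> None:
    """Store a fresh random salt and the derived hash; the plain text is not kept."""
    salt = secrets.token_bytes(16)
    accounts[username] = {"salt": salt, "hash": hash_password(password, salt)}


def verify(username: str, password: str) -> bool:
    """Re-hash the login attempt with the stored salt and compare in constant time."""
    record = accounts.get(username)
    salt = record["salt"] if record else _DUMMY_SALT
    candidate = hash_password(password, salt)
    return record is not None and hmac.compare_digest(candidate, record["hash"])


def reset_password(username: str, new_password: str) -> None:
    """The old password cannot be read back, so a reset overwrites salt and hash."""
    if username not in accounts:
        raise KeyError(username)
    register(username, new_password)


if __name__ == "__main__":
    register("alice", "correct horse battery staple")  # constructed sample account
    print(verify("alice", "correct horse battery staple"))
    print(verify("alice", "wrong guess"))
    reset_password("alice", "new passphrase")
    print(verify("alice", "new passphrase"))
```

The per-account salt makes identical passwords produce different stored hashes, and the high iteration count slows offline guessing against a stolen table.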
Next step: For a more detailed look at how a hash function works — including an example — check out this post!