Reputation: 155
What is the need for a strong password?
Now a days each and every website recommend or force us to use a strong password. Every website is most likely that they hash the password and store it in their database then what is the need for strong password if they are hashing the password or why is it required in first place. Is it the same with salted hashing also?
Upvotes: 0
Views: 292
Answers (2)
Reputation: 33578
Because hackers try word lists and find out if they hash to the same value as stored in the database.
Weak passwords will be broken quickly, especially if no salt is used meaning that rainbow tables exist that allow lookups of the hash to find the password directly.
There is also the the threat of online attacks. e.g. an attacker trying every account against a web service login to see if they have password1, abc123, baseball, etc.
If you want a convenient way of having strong and unique passwords on every site you use, use something like https://lastpass.com
Upvotes: 1
Reputation: 3239
The reason for a strong password is because simple passwords can be more easily "unhashed" than a strong one. The larger character sets used in the password, and the longer the password it is, the harder it is to crack. Take a look at these videos as there is way too much information to discuss here:
https://www.youtube.com/watch?v=7U-RbOKanYs
https://www.youtube.com/watch?v=3NjQ9b3pgIg
Upvotes: 0
Related Questions
- Why is the use of special characters in passwords considered to be a strong password?
- How do password restrictions help security?
- Strong password in ruby
- Why restrict the length of a password?
- Why are banking passwords so weak?
- Security Beyond a Username/Password?
- How do you enforce strong passwords?
- password security question
- How to not hardcode passwords?
- Why do web applications insist on defining strict password rules?