this post was submitted on 26 May 2025
572 points (96.3% liked)
Cybersecurity - Memes
This is not what he meant. If the password is xyz he stores the hash (f*) for xyz and xy. When you change your password to xyb, it compares fxyz to the first saved hash and a truncated fxy to the second saved hash, flagging if you've only changed the last character. The mask length could be arbitrary and there can be many saved hashes at the expense of making password resets slow.
I get it now. They're comparing only trunks because the hash of the trunk wouldn't change.
Yep, that's what I meant. Pretty sure my company does this, because they can detect this, and I know enough of our IT to believe they're not storing passwords in plaintext.
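The scheme described in this thread, sketched as an added example (not code from any commenter or from any company's system): one salted hash of the full password and one of the password with its last character removed. PBKDF2, the separate salts, the function names and the `MASK` value are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example
MASK = 1              # assumed number of trailing characters dropped for the second hash


def _kdf(secret: str, salt: bytes) -> bytes:
    """Salted, slow hash (PBKDF2-HMAC-SHA256 chosen for the example)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)


def enroll(password: str) -> dict:
    """Record kept at password-set time: full hash plus truncated-prefix hash.

    Design cost: the prefix hash is a second offline-guessing target for a
    shorter secret. Anyone who recovers the prefix from a leaked record has
    only MASK characters left to guess, so the stored password is weaker
    than it would be with the full hash alone.
    """
    salt_full, salt_prefix = os.urandom(16), os.urandom(16)
    return {
        "salt_full": salt_full,
        "full": _kdf(password, salt_full),
        "salt_prefix": salt_prefix,
        "prefix": _kdf(password[:-MASK], salt_prefix),
    }


def check_change(record: dict, candidate: str) -> str:
    """Classify a proposed new password against the stored record."""
    if hmac.compare_digest(_kdf(candidate, record["salt_full"]), record["full"]):
        return "same"
    # Truncate the candidate the same way and compare with the saved prefix hash.
    if len(candidate) > MASK and hmac.compare_digest(
        _kdf(candidate[:-MASK], record["salt_prefix"]), record["prefix"]
    ):
        return "suffix-only"
    return "ok"


if __name__ == "__main__":
    rec = enroll("xyz")  # constructed sample, using the thread's own example
    for new in ("xyz", "xyb", "abc"):
        print(new, "->", check_change(rec, new))
```

With a single mask length this only catches a replaced final character; an appended character ("xyz" to "xyzz") passes, which is why the comment above mentions saving several hashes at different mask lengths.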