A security engineer wants to ensure that even if two users have the same password, their stored password hashes are different. Which of the following techniques should be implemented?
Implement asymmetric encryption for password storage.
By adding unique data to each password before hashing, the engineer ensures that identical passwords produce different hash values. This method, known as salting, enhances security by preventing attackers from recognizing duplicate passwords through identical hashes. Using different hashing algorithms for each user is impractical and doesn't scale well. Implementing asymmetric encryption is not standard practice for password storage and doesn't solve the problem of identical hashes from identical passwords. Storing passwords in plain text is inherently insecure and should be avoided.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is salting in password hashing?
Open an interactive chat with Bash
Why shouldn't I use different hashing algorithms for each user?
Open an interactive chat with Bash
What are the risks of storing passwords in plain text?