The best way to store passwords is:

Question

BlackTom AI · Accepted Answer

Question: The best way to store passwords is:

Since the list of answer options is not provided here, we can still reason about what constitutes best practice based on common security guidance.

- If the option is Hash + Salt: This approach is widely recommended. Hashing converts a password into a fixed-length string, and adding a unique salt per password protects against precomputed rainbow table attacks. The salt ensures that identical passwords result in different hashes, increasing security even if the hash function is the same.
- Why hashing alone is not enough: Hashing a password without a salt leaves the system vulnerable to rainbow table attacks, where attackers use precomputed lists of common password hashes. A salt defeats this by randomizing the hash output for each user, so precomputed tables are ineffective.
- Why hashing with salt and proper methods is better than plaintext: Storing passwords in plaintext is insecure because anyone with access to the storage can read all passwords. Hashing (with salt and appropriate parameters) ensures that even if the data store is compromised, passwords are not readily recoverable.
- Why not reversible encryption: Encrypting passwords with a reversible cipher means that access to the encryption key could expose all passwords. This is riskier than hashing with salts because the key itself becomes a single point of compromise.
- Enhancements commonly used in practice: Employ a password hashing function designed for this purpose (such as bcrypt, scrypt, Argon2, or PBKDF2) with a high number of iterations, a unique per-password salt, and, if possible, a pepper. This strengthens resistance to brute-force attempts even if the hashed values are stolen.
- About alternative incorrect options (if they were present):
  • Plaintext storage would be insecure because it exposes passwords directly.
  • Hashing without a salt allows attackers to reuse precomputed hashes and exploit identical passwords across users.
  • Reversible encryption (without a secure key management) risks key exposure.
  • A one-size-fits-all hash function with low iteration counts offers little protection against modern attackers.

In summary, the best practice is to store a per-password salted hash using a purpose-built password hashing algorithm with adequate iteration cost. This approach minimizes the risk of credential compromise even if the data store is breached.

4510_COMP_SCI_X_0019 Quiz 8

The best way to store passwords is:

View Explanation

Log in for full answers

Similar Questions

When designing a secure system, why is hashing preferred over encryption for storing passwords?

An important technique to mitigate password dictionary attacks is to ___________.

__________ is a technique used to help protect against attacks exposing the contents of the server where password information is stored.

A hash of data can be identified with attacks, so it is customary to add to a hash to ensure that the hash value appears to be different each time it is used.

In a consumer society, many adults channel creativity into buying things

Economic stress and unpredictable times have resulted in a booming industry for self-help products

People born without creativity never can develop it

More Practical Tools for Students Powered by AI Study Helper

Homework AI Solver

Stylized AI Paper Writer

Plagiarism Checker Assistant

Citation AI Academic Writing Tool

In-Class Translation Assistant

AI Note Generator

AI Quiz Answers

Past Exam Questions from University Test Bank

Smart Practice Assistant

Adaptive Practice

Making Your Study Simpler

4510_COMP_SCI_X_0019 Quiz 8

The best way to store passwords is:

View Explanation

Log in for full answers

Similar Questions

When designing a secure system, why is hashing preferred over encryption for storing passwords?

An important technique to mitigate password dictionary attacks is to ___________.

__________ is a technique used to help protect against attacks exposing the contents of the server where password information is stored.

A hash of data can be identified with ________ attacks, so it is customary to add ________ to a hash to ensure that the hash value appears to be different each time it is used.

In a consumer society, many adults channel creativity into buying things

Economic stress and unpredictable times have resulted in a booming industry for self-help products

People born without creativity never can develop it

More Practical Tools for Students Powered by AI Study Helper

Making Your Study Simpler

A hash of data can be identified with attacks, so it is customary to add to a hash to ensure that the hash value appears to be different each time it is used.