Abstract
In this chapter we’re going to look at how you should go about securely storing passwords in your database. In most cases these will be passwords related to user logons for your application. In many ways a password is the most sensitive piece of information that we might store. If a user’s password is obtained by an attacker, then it is likely they can access all of the other information we hold about a user. Worse than that, despite recommendations to the contrary, most users reuse the same password across multiple services that they use. That means that if their password is breached in our application, then that may give an attacker access to accounts the user holds with other organizations.
Copyright information
© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature
About this chapter
Cite this chapter
McGiffen, M. (2022). Hashing and Salting of Passwords. In: Pro Encryption in SQL Server 2022. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-8664-7_19
DOI: https://doi.org/10.1007/978-1-4842-8664-7_19
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-8663-0
Online ISBN: 978-1-4842-8664-7
eBook Packages: Professional and Applied Computing, Apress Access Books, Professional and Applied Computing (R0)