On 30/04/15 01:39, »Q« wrote:
In <news:[email protected]>,
Daniel <[email protected]> wrote:
David, if the Master Password is not saved, how are the passwords
decrypted so they can be used??
A hash is stored, and when you enter the password, its hash must match
the stored hash.
That's an oversimplificatoin, The wikipedia has more about password
hashing at
<http://en.wikipedia.org/wiki/Cryptographic_hash_function#Password_verification>,
and you could scroll up to the top to get stuff about hashing in
general. Note that in the jargon of cryptography, "message" means the
hash function's input, in this case the master password.
Haven't read the link yet, but ....
If we assume a four digit, numeric only, password of "3072" (Decimal), I
could "hash", (i.e. subtract from) that with "9999" (Decimal) to produce
6927 (Decimal).
So, having encrypted my 3072, I must store the Hash, 6927, somewhere on
my computer, so that, when someone enters a "password", it's "Hash" can
be compared to the stored "Hash".
This mustn't be how it works, as it seems to simply!!
Guess I'll have to read the link!
--
Daniel
User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:35.0) Gecko/20100101
SeaMonkey/2.32 Build identifier: 20141218225909
or
User agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101
SeaMonkey/2.33 Build identifier: 20150215202114
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
