A.
In addition, the salt protects against the same password having the same hash value, and forces the attacker to compute a new hash for all passwords rather than use the same hash for all passwords
So you are saying that once an attacker has successfully cracked one password, instead of stopping there and using that password for a login attempt, they continue on to see if anybody else used the same password? Isn't a hacker's objective to crack a password so that they can successfully login? Why crack two if you already have one?
https://nordpass.com/blog/password-salt/
READ MORONS! AND NEVER LISTEN TO MELVINJOHN....I know him personally and he told me that he comes on here time to time and puts wrong answers..
Your passwords usually aren’t kept in the plain-text form. When you’re logging into your account, the password runs through a one-way hashing algorithm. This way, it turns into an unrecognizable, completely different string of characters. That string is then compared to the other hashes in the database, and if they match, you get to access the account.
While it may seem like a safe way to store passwords, there is a problem. If two passwords are the same, their hash is identical, which makes it easier to crack. This is where password salting comes in. A password salt is a random bit of data added to the password before it’s run through the hashing algorithm.
Imagine your password is ‘yellow.’ If another user has the same password, the hash output will be the same. But if you add a few random characters to both, you get two different passwords —‘yellow#1Gn%’ and ‘yellow9j?L’ — with completely different hashes. But how does it make them harder to crack?
A.
In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user's password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system.
https://searchsecurity.techtarget.com/definition/salt#:~:text=In%20password%20protection%2C%20salt%20is%20a%20random%20string,in%20the%20system%20has%20selected%20the%20same%20password.
I like B.
"Hash functions can be made more secure by adding salt. Salt is a random value added to the plaintext. This helps to slow down rainbow table attacks against a hashed password database, as the table cannot be created in advance and must be recreated for each combination of password and salt value. Rainbow tables are also impractical when trying to discover long passwords (over about 14 characters). UNIX® and Linux® password storage mechanisms use salt, but Windows does not. Consequently, in a Windows environment it is even more important to enforce password policies, such as selecting a strong password and changing it periodically".
IT B
If two user using same password, their hash will be the same. By adding salt, if their password is the same. The hash of the two hashes is completely different. making retrieval process super slow.
https://auth0.com/blog/adding-salt-to-hashing-a-better-way-to-store-passwords/
Here is what I get from this question. You need to focus on two keywords there: "salting" the plain text and "hashing" the salted entry. That would give you possibly very very low chance that two hashes are identical. It sounds like its more of checking the salting process and analyzing the security of the password storing process.
I wanted to say 'D' as well, but salting a password does not PREVENT users from using short passwords.
I found this online: A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords.
Answer is 'A'.
Why not B? By salting, you're adding a little bit of randomness that creates a hash-value that cannot be reverse-engineered easily, hence retrieving the password would take much longer for a hacker.
C. The process of salting passwords creates an extra layer that a malicious agent needs to crack before they can have full access to the password.
https://ice3x.co.za/salted-passwords/
It does not matter if you and I have the same exact password. In any large complex there are likely many duplicate passwords. But if those passwords are not salted then it makes it much easier fro a hacker to crack them. The main security goal here is to prevent a hacker from discovering your password. How is the prevention of duplicate passwords going to make your password more secure? C is correct.
It says duplicate values. If two ppl have same password, without salt the hash would be the same. Salting would prevent. Not sure how salting would prevent readable format
A:
A new salt is randomly generated for each password. In a typical setting, the salt and the password (or its version after key stretching) are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database.
https://en.wikipedia.org/wiki/Salt_(cryptography)
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.SY0-501 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Elb
Highly Voted 5 years, 3 months agoMelvinJohn
4 years, 11 months agowho__cares123456789___
4 years, 3 months agowho__cares123456789___
4 years, 3 months agoLumeya
4 years, 3 months agoDion79
Most Recent 3 years, 10 months agoCstleafsz
4 years, 3 months agointegral
4 years, 4 months agointegral
4 years, 4 months agoDcfc_Doc
4 years, 6 months agoNot_My_Name
4 years, 6 months agoCoRell
4 years, 8 months agoMelvinJohn
5 years, 1 month agowediwa5563
5 years agoMelvinJohn
4 years, 11 months agoMagicianRecon
4 years, 10 months agothebottle
5 years, 2 months ago