Do I really need hash passwords?

Question

Do I really need hash passwords?

I am creating a project that has a fairly basic login system. NO REGISTRATION is not available, users will be added manually. I also very well protected the input data. After all, do I still need to hash and even salt user passwords?

And if your answer is yes, the next question is: why?

+5

authentication database passwords hash

gkaykck Aug 24 '10 at 9:01

source share

10 answers

, , ? ( ) .

, , , , , , . ( ), .

+11

Jon Skeet 24 . '10 9:03

. , - .

+8

user151323 24 . '10 9:03

/ . - , , , , , , , . . , , , , , , , .

+5

Chris 24 . '10 9:18

, - , , .

" ", - 100% . - , , - . , , , , .

+2

BoltClock 24 . '10 9:02

, , , , , .

+2

zvrba 24 . '10 9:03

, . , , .., .

+1

DixonD 24 . '10 9:05

. , , . , .. . .

+1

tenfour 24 . '10 9:06

? , , . , / /, , . / , , , , .

+1

sqlvogel 24 . '10 10:11

.

, / .

0

Ken Aug 24 '10 at 17:17

source share

Ian Ringrose · Accepted Answer · 2010-08-24T13:43:45+0000

If you create a password for each user and do not allow the user to change the password, then you can do something not to hash them.

However:

You will need to explain to everyone who checks the system why you are not hashing passwords.
- , , .
, , .
, - .

, .

, , , .

( , .., )

Do I really need hash passwords?

More articles: