
Hackers broke into an authentication server and stole all of the usernames and p


Question

Hackers broke into an authentication server and stole all of the usernames and password hashes for a popular website. Jonathan tells you his account was compromised almost immediately, even though his password wasn't even a real word--it was his name but with a zero instead of O and 4s instead of the A's. Which of these options would be a good way to help protect Jonathan's account in case hackers committed the same act again?

1. Hashing all data in his account (not just the password) with a secure cryptographic hash.
2. Encrypting his password with a SHA-256 cryptographic hash
3. Using a password that is long (15 characters or more), diverse, and difficult to guess
4. Ensuring his password is hashed with an SHA-2 or SHA-3 hashing algorithm.
5. All of these options will help in this case.
6. Storing his files on an online site that only uses the client browser to generate the password hash instead of the server.

Explanation / Answer

Option 5, i.e. all 4 options from the start are correct.

1. If you secure the data with a cryptographic hash, then the data will be secure because it is not possible to reverse the hashed data.
2. The SHA-256 algorithm with a salt creates very secure passwords. Hence it is a good way to secure them.
3. Long and complex passwords create a lot of combinations, and hence an attacker may not succeed in his attempts. If a password is 2 characters long, there can be just 26*26 two-character passwords, while if it is 15 letters long, there will be 26**15, which is very large.
4. SHA-2 and SHA-3 are considered very secure protocols compared to the SHA-1 algorithm. They have still not been compromised, while SHA-1 has already been compromised.
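
An added example (not part of the original question or answer) of the server-side checks that points 2 and 3 describe: rejecting a password like Jonathan's at registration, and storing accepted passwords with a per-user salt. The word list, function names and iteration count are assumptions, and PBKDF2-HMAC-SHA256 is used here as a salted, slow construction built on SHA-256 rather than a single SHA-256 call.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny stand-in for a real name/common-password list.
COMMON_WORDS = {"jonathan", "password", "letmein"}
# Common "leetspeak" substitutions, mapped back to the letters they replace.
LEET = str.maketrans({"0": "o", "4": "a", "3": "e", "1": "l",
                      "5": "s", "7": "t", "@": "a", "$": "s"})
MIN_LENGTH = 15       # the length suggested in option 3
ITERATIONS = 600_000  # assumed work factor; tune to your hardware

def normalize(password):
    """Lower-case and undo leetspeak so 'J0n4th4n' compares equal to 'jonathan'."""
    return password.lower().translate(LEET)

def check_password(password, username):
    """Return the reasons to reject a password (an empty list means accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    plain = normalize(password)
    if plain in COMMON_WORDS or (username and normalize(username) in plain):
        problems.append("guessable")
    return problems

def unsalted_sha256(password):
    """Plain SHA-256: every user with this password gets the same stored hash."""
    return hashlib.sha256(password.encode()).hexdigest()

def hash_password(password, salt=None):
    """Salted, deliberately slow hash for storage; returns (salt, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)
```

Because the salt is random per user, two accounts with the same password store different digests, so one precomputed guess no longer matches every account at once.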