We're using industry best practices for storing user passwords.
We're storing a SHA-256 hash of the password, which is by design a one-way function. There's no sane way to get a users password from its hash.
For extra security, though optional, we can add a salt to the password to make the resulting hash different even though originally passwords are similar. This adds an extra bit of security.
We're using industry best practices for storing user passwords. We're storing a SHA-256 hash of the password, which is by design a one-way function. There's no sane way to get a users password from its hash.
For extra security, though optional, we can add a salt to the password to make the resulting hash different even though originally passwords are similar. This adds an extra bit of security.