D.2. Passwords

A brief recap: Obfuscating passwords is a security measure meant to protect our applications against unauthorized use. In order to keep messages confidential we encrypt them. The designated reader decrypts the message and reads it.

In order to keep a password secret we hash it. Hashing cannot be undone. It is a one way process.

Choosing a password is a serious matter. You may have seen the arguably most referenced comic in computer science, https://xkcd.com/936/. Interpreting it raises the question: "What is entropy?" A good place to start is https://explainxkcd.com/wiki/index.php/936:_Password_Strength; read it and think hard. Then we shall play a little to make it simple.

D.2.1. Theoretical Background

Try to imagine a language with only two letters and no words yet. Now try to invent as many different words as possible with the two available letters. To visualize the task, consider the characters a and b. Forming two letter words we get ab and ba, but then again there are also aa and bb.

Counting the number of two letter words it is possible to create with two characters: you have the choice of two letters for the first position, and for each of those, two letters for the second position, totalling two times two, i.e. four.

Had we asked you to create, say, a four letter word with our two characters, counting the possibilities we would have two for the first position, for each of those two for the second position, for each of those two for the third position, and two for the fourth position. This totals two times two times two times two, four factors, equalling two to the power of four, 2^4, sixteen, 16, possible words.

Let us then say that instead of two letters we use the whole alphabet, all 26 lower case characters. Making four letter words would entail 26 possible characters for the first position, 26 for the second, etc., totalling 26^4. To look at the numbers you may try an example application we prepared for this:

Example D.5. Password Gauging


module.exports = {
    entropy: function(req) {
        // Password length L; defaults to 8 when the form sends no pwdl field.
        let l = 8;
        if (typeof req.body.pwdl !== 'undefined')
            l = Number(req.body.pwdl);

        // Alphabet size N from the selected character classes
        // (presumably a: lower case, b: upper case, c: digits, d: symbols).
        let n = 0;
        const chars = req.body.chars || '';
        if (chars.includes('a')) n += 26;
        if (chars.includes('b')) n += 26;
        if (chars.includes('c')) n += 10;
        if (chars.includes('d')) n += 20;

        // W = N^L possible words. Note: a Number loses precision above 2^53
        // and becomes Infinity for very large spaces; fine for a gauge.
        let w = n ** l;
        let w1 = w.toLocaleString();
        // Entropy E = log2(W) in bits, rounded to a whole number.
        // (Math.round takes a single argument; a second one is ignored.)
        let e = Math.round(Math.log2(w));
        // Years needed to try every word at 10^9 guesses per second:
        // 3.15576e7 seconds per year times 1e9 guesses, rounded to 0.1 year.
        let bf = Math.round(10 * w / (3.15576 * (10 ** 16))) / 10;
        let bf1 = bf.toLocaleString();

        return {
                l: l,
                n: n,
                w: w1,
                e: e,
                bf: bf1
        };
    }
}

Click here! (https://limitless-brushlands-73272.herokuapp.com/).


Now a concrete example:

Example D.6. Lower Case Symbols and Space, Length 54

A concrete, but not common, example from the daily life of the owner of a tin foil hat:

N = 27

L = 54

W = N^L = 27^54 = 196627050475552913618075908526912116283103450944214766927315415537966391196809

E = log2(196627050475552913618075908526912116283103450944214766927315415537966391196809) = 256.76
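As an added example, not part of the book or of the D.5 application, the following Node.js script carries the W = N^L and E = log2(W) model of Examples D.5 and D.6 through with exact integers, so that the 78-digit value of 27^54 above can be reproduced rather than approximated. The character class sizes and the 10^9 guesses per second rate are assumptions taken from the D.5 code; the hypothetical helper names are ours.

```javascript
// Added example: exact password-space arithmetic for W = N^L, E = log2(W).

// Character classes as assumed from the `chars` flags in Example D.5.
const CLASSES = { a: 26, b: 26, c: 10, d: 20 }; // lower, upper, digits, symbols

const SECONDS_PER_YEAR = 31557600;  // Julian year: 365.25 days * 86400 s
const GUESSES_PER_SECOND = 1e9;     // assumed attacker rate, as in D.5

// Alphabet size N from class flags plus any extra characters (e.g. 1 for space).
function alphabetSize(flags, extra = 0) {
  let n = extra;
  for (const f of flags) if (CLASSES[f]) n += CLASSES[f];
  return n;
}

// Exact W = N^L. BigInt keeps every digit; a Number is only exact up to 2^53.
function wordCount(n, l) {
  return BigInt(n) ** BigInt(l);
}

// Entropy in bits. log2(N^L) = L * log2(N) works for any size, whereas
// Math.log2(Number(W)) overflows to Infinity once W exceeds ~1.8e308.
function entropyBits(n, l) {
  return l * Math.log2(n);
}

// Years to enumerate the whole space at the assumed rate (worst case; the
// expected time to hit one password is half of that).
function bruteForceYears(n, l, rate = GUESSES_PER_SECOND) {
  return Number(wordCount(n, l)) / (SECONDS_PER_YEAR * rate);
}

// Summary in the shape of the D.5 response, but with exact W.
function gauge(n, l) {
  return {
    n, l,
    w: wordCount(n, l).toString(),
    e: Number(entropyBits(n, l).toFixed(2)),
    years: bruteForceYears(n, l),
  };
}

// Example D.6: 26 lower case letters plus space, length 54.
const tinFoilHat = gauge(alphabetSize('a', 1), 54);
console.log(tinFoilHat);
// Same space computed with a plain Number: the digits are gone.
console.log((27 ** 54).toString());
```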