Question

We can use data hashing to safeguard passwords by hashing the password before saving it. When validating a user:

A. Retrieve the hashed password from the database and compare it directly to the entered password.

B. Hash the entered password using the same hashing algorithm and compare it to the stored hashed password.

C. Store the passwords in plain text to simplify the validation process.

D. Encrypt the password using a symmetric key and compare the encrypted values during validation.

Answer 1

The safe way to validate a user's password is to hash the entered password using the same hashing algorithm and compare it to the stored hashed password, ensuring that actual passwords are never stored in a readable form. so, option B is the correct answer.

Step-by-step explanation:

We can safeguard passwords by using data hashing. The correct approach when validating a user's password is:

B. Hash the entered password using the same hashing algorithm and compare it to the stored hashed password.

This means that when a user attempts to log in, the system will take the password they enter and apply the hashing algorithm to it. The resultant hashed password is then compared with the hashed password that is stored in the database. If they match, the authentication is successful. This method ensures that the actual password is never stored in a form that can be read or deciphered, even if the database is compromised. Storing passwords in plain text or using symmetric encryption for passwords are not secure practices and should be avoided.