1
00:00:00,950 --> 00:00:06,280
So now we have completed hashing passwords in this don't salting and hashing passwords with big.

2
00:00:13,590 --> 00:00:15,180
So as you can see here, we keep.

3
00:00:18,930 --> 00:00:19,410
So.

4
00:00:22,680 --> 00:00:25,560
This is how to install makeup and women shall be equipped.

5
00:00:26,670 --> 00:00:27,390
Probably use it.

6
00:00:27,780 --> 00:00:33,390
Make it solid on plain text and some other plain text, and then to hash a password, you can use the

7
00:00:33,390 --> 00:00:39,480
general method or just do the hash meter reject password so you can go to the documentation, but I'll

8
00:00:39,480 --> 00:00:41,010
show you the procedure how to do this.

9
00:00:41,910 --> 00:00:45,600
So basically, before that, we're discussing procedure to do this.

10
00:00:46,800 --> 00:00:47,400
Excuse me.

11
00:00:49,450 --> 00:00:52,030
So in the previous industry there, hashing it.

12
00:00:53,140 --> 00:00:53,590
OK.

13
00:00:55,890 --> 00:01:00,870
This password, I said that this password can be cracked using a dictionary attack.

14
00:01:01,350 --> 00:01:08,460
So what we are doing is other than the password that the user is entering, that extending the length

15
00:01:08,460 --> 00:01:14,520
of the password by randomly, by adding some randomly generated set of characters to the password.

16
00:01:14,970 --> 00:01:18,300
So this randomly generated set of characters is called soldi.

17
00:01:19,510 --> 00:01:19,910
OK.

18
00:01:20,860 --> 00:01:23,530
So, for example, in the database, we installed the.

19
00:01:24,600 --> 00:01:31,830
So now you might get one, though, since we are salting it like randomly generated, got this hold?

20
00:01:31,950 --> 00:01:38,520
How would we how do we know which salt we have used when the user tries to log in to compare the password

21
00:01:38,520 --> 00:01:39,210
in the database?

22
00:01:39,690 --> 00:01:44,850
So basically, once this randomly generated salt is created, even stored the salt in the database.

23
00:01:44,910 --> 00:01:50,010
OK, so you're going to be storing the salt in the hash functions that we are using in the database.

24
00:01:50,520 --> 00:01:54,990
So we will get the password from the user, so we get the password from the user.

25
00:01:56,420 --> 00:01:58,130
And then we'll add it with the salt.

26
00:01:59,130 --> 00:02:05,050
And then this combined a new password with the larger length, then we'll use the hash function to.

27
00:02:06,080 --> 00:02:09,620
Hash function to it, and then this will turn into a hash.

28
00:02:09,770 --> 00:02:14,210
So not the length of the password, because that means the dictionary attack your your password.

29
00:02:14,210 --> 00:02:19,910
Being in the dictionary dictionary attack will be less, the chances will be less and just the length

30
00:02:19,910 --> 00:02:20,960
of the password increases.

31
00:02:20,960 --> 00:02:24,920
It will be it will take more time to crack it and mescaline grows exponentially.

32
00:02:25,900 --> 00:02:29,560
So this this will be doing using be clipped, so.

33
00:02:30,820 --> 00:02:38,860
Labor's bills can only calculate 17000 B capacities per second, whereas if you see the modified ish

34
00:02:38,890 --> 00:02:45,550
20 billion, so 20 billion and seventeen thousand that you know our lifetime difference.

35
00:02:45,550 --> 00:02:46,420
So yeah.

36
00:02:46,960 --> 00:02:51,730
So this is one of the industry standard algorithms that developers use to keep their users password

37
00:02:51,740 --> 00:02:52,120
safe.

38
00:02:53,020 --> 00:02:55,690
OK, now what do you mean by small drones?

39
00:02:56,940 --> 00:02:58,410
Solved problems.

40
00:03:00,020 --> 00:03:00,800
Any guesses?

41
00:03:03,900 --> 00:03:05,850
Basically solving multiple times.

42
00:03:06,360 --> 00:03:09,560
So you will have your passport solved.

43
00:03:10,290 --> 00:03:11,970
This will go through hash function.

44
00:03:13,100 --> 00:03:16,490
And then you'll get some hash now with this hash, you'll.

45
00:03:17,590 --> 00:03:18,490
And again.

46
00:03:19,620 --> 00:03:19,770
A.

47
00:03:21,620 --> 00:03:22,790
And this will go through.

48
00:03:24,150 --> 00:03:27,450
Your hash function and then this will produce some hash.

49
00:03:27,900 --> 00:03:29,460
And then again, you'll add some salt.

50
00:03:29,880 --> 00:03:37,140
So basically when hash function, you get the hash that will have it have more length, obviously.

51
00:03:37,560 --> 00:03:41,530
And then to that model, again, we're adding some randomly generated off characters.

52
00:03:41,550 --> 00:03:42,930
And again, we're passing this.

53
00:03:43,350 --> 00:03:48,870
So we'll be storing this salt every time that we ended it and then the hash function in the database.

54
00:03:49,410 --> 00:03:58,110
So doing this multiple times almost makes your, you know, the risk of your getting your passwords,

55
00:03:58,110 --> 00:04:03,900
getting breached to almost 0.1 percent so that it'll be very large chunks that are password will be.

56
00:04:05,910 --> 00:04:10,230
So the number of times we do this, the number of small drones, it is so now.

57
00:04:11,230 --> 00:04:13,270
There is one law called Moore's Law.

58
00:04:17,510 --> 00:04:25,370
It says it states that every year the number of transistors in a computer chip almost doubles and the

59
00:04:25,370 --> 00:04:27,740
cost of the faster computers half.

60
00:04:28,520 --> 00:04:33,020
So this is where smartphones is helpful and comes into the picture, OK?

61
00:04:33,050 --> 00:04:36,590
Basically, transistors increase and then the cost of the faster computers have.

62
00:04:37,310 --> 00:04:37,970
Will we have?

63
00:04:39,100 --> 00:04:46,530
So one note you have to remember is depending on the motivation, they also have a big good watch and

64
00:04:46,540 --> 00:04:48,610
that is compatible with that version of the note.

65
00:04:49,240 --> 00:04:54,400
OK, so there are very specific of not supporting unstable versions of note there.

66
00:04:54,880 --> 00:04:59,590
So there are more chances of bugs, and they are always recommend you to use the latest stable version

67
00:04:59,590 --> 00:05:00,040
of note.

68
00:05:00,550 --> 00:05:03,880
So one thing you have to remember is the note should be updated.

69
00:05:05,160 --> 00:05:07,950
If you're not, you should feel naughties are better.

70
00:05:09,850 --> 00:05:13,660
Then you can simply install be confusing and demonstrate to be correct.

71
00:05:15,660 --> 00:05:17,820
So this is how the baker looks.

72
00:05:18,390 --> 00:05:19,770
So we'll see the court for that.

73
00:05:22,010 --> 00:05:23,390
So this is basically the court for.

74
00:05:24,590 --> 00:05:25,700
Hashing and sorting.

75
00:05:26,090 --> 00:05:32,270
Well, actually, we have defined dark side rooms and then in the post request that it was in big report

76
00:05:32,270 --> 00:05:32,750
hash.

77
00:05:33,140 --> 00:05:36,820
So they're really getting this big refund, if you can see we have required this big trip.

78
00:05:37,070 --> 00:05:37,460
OK.

79
00:05:37,700 --> 00:05:39,050
That's why we're in level Typekit.

80
00:05:39,350 --> 00:05:42,410
Don't worry, you will be getting access to this phone call.

81
00:05:42,410 --> 00:05:45,440
You can go through all of the videos, but it's no problem.

82
00:05:45,800 --> 00:05:47,270
Nice try to understand the concept.

83
00:05:47,870 --> 00:05:53,900
So now we're getting using the password, using the body, you know, body parts, and then we are mentioning

84
00:05:53,900 --> 00:05:56,120
the Sartre's and then we'll be good.

85
00:05:56,510 --> 00:05:57,920
That will be a callback function.

86
00:05:58,360 --> 00:06:01,910
He added We are creating a user, so the user will be requested by relatives.

87
00:06:01,910 --> 00:06:06,170
And then when the password will be the hash that will be the hash will be getting from the encrypted

88
00:06:06,170 --> 00:06:09,980
hash to this function as a result of this thing.

89
00:06:10,940 --> 00:06:13,280
So as this is done, we can save that in the database.

90
00:06:15,290 --> 00:06:19,370
So once we say we can allow the user to render the posts.

91
00:06:20,470 --> 00:06:28,300
And then post metadata sent here to you can, you know, you can find the whenever that user is posting,

92
00:06:28,300 --> 00:06:33,160
you can find the hash from the database and then compare it with the result.

93
00:06:33,370 --> 00:06:34,840
If it is true, we will render it.

94
00:06:35,530 --> 00:06:38,370
So there is a function to compare that is being compared.

95
00:06:38,980 --> 00:06:41,170
So all of this documentation of it works.

96
00:06:41,170 --> 00:06:44,980
It is present over here like be CryptoCompare, be computer generated solid.

97
00:06:45,700 --> 00:06:48,730
So this is one way to do it where we can mention this all around.

98
00:06:49,150 --> 00:06:51,880
No need to mention any salt to generate salt.

99
00:06:52,810 --> 00:06:56,650
As you can see here, we are just mentioning the salt runs and it will do it by itself.

100
00:06:57,460 --> 00:07:00,460
So this is how Beecroft works for hashing and salt.

101
00:07:02,100 --> 00:07:02,410
OK.

102
00:07:03,240 --> 00:07:11,640
So with this, you completed the main portions of the said security, not indication, the remaining

103
00:07:11,640 --> 00:07:16,140
things are cookies and sessions and Google authentication.

104
00:07:16,860 --> 00:07:22,590
So what do you mean by cookies and sessions on Google authentication using passport logins for that

105
00:07:22,590 --> 00:07:26,550
and Google what we were dealing with the Google console and everything.

106
00:07:27,150 --> 00:07:28,620
So we'll see that from the next year.

107
00:07:28,630 --> 00:07:29,760
That's all for this video.

108
00:07:29,820 --> 00:07:30,180
Thank.