How To Keep Your Password Uncompromised And Safe Using Hash and Salt

Did you know WordPress doesn’t even know your password? It stores it as a hash. If you salt your hash, that makes the password very, very difficult to recover. Because you cant actually translate it due to the mathematical algorithm that was used to change your password, it’s not actually stored so if a hacker tries to retrieve your password its not even going to be there because it’s actually saved as the algorithm.  Usually, if your password gets compromised you entered it into a site that was storing the password in clear text. Here are some helpful tips, storing a  password in clear? text is stupid, storing a  password without salt is stupid, storing a  password with hash and salt is fine, but still sometimes not good enough. Using HMAC to store a password is better and using a standard Key derivation function, like PBKDF2 (that uses salt, password, HMAC and iterations) is much better. These will give you a fixed amount of security. Hopefully, this video will help you understand how to protect your passwords and whatever accounts you need to keep safe.