Join Kevin Skoglund for an in-depth discussion in this video Salting passwords, part of Ruby on Rails 3 Essential Training.
- View Offline
- Exercise Files
Hashing passwords before storing them in the database is a great start towards…better password security.…But it's easier to take it one step further and make things much more secure by…using a technique called salting passwords.…First, let me explain the weakness in our current hashing scheme.…If we only hash our passwords like we did in the last movie, then a hacker could…take every word in the dictionary plus every possible combination of letters,…numbers, symbols etcetera and run it through those algorithms, MD5, SHA-1, SHA-2, etcetera.…The results of that could be stored in a database along with the original input,…so that now there's a sample table that can convert from the encrypted string…back to the original string.…
It just records input A yields output B. There is no longer a need to decrypt…our encrypted password.…One can just look it up in the table and all the processing that it takes…to figure it out has been done in advance, so it's not even a time intensive process.…A hacker can break our tough encryption scheme using just a simple database query.…
- Understanding MVC (Model View Controller ) architecture
- Routing browser requests through the framework
- Responding to requests with dynamic content
- Defining associations and database relationships
- Creating, reading, updating and deleting records
- Working with forms
- Validating form data
- Reviewing built-in security features
- Authenticating users and managing user access
- Debugging and error handling
Skill Level Beginner
1. What Is Ruby on Rails?
2. Installing Ruby on Rails on a Mac
3. Installing Ruby on Rails on a Windows Machine
4. Getting Started
5. Controllers, Views, and Dynamic Content
6. Databases and Migrations
7. Models, ActiveRecord, and ActiveRelation
9. Controllers and CRUD
10. Layouts, Partials, and View Helpers
12. Data Validation
13. User Authentication
14. Improving the Simple CMS
15. Debugging and Error Handling
16. Introducing More Advanced Topics
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.