Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
MisterVerstalschyk2022-01-27 00:22:07
Burglary protection
MisterVerstalschyk, 2022-01-27 00:22:07

Is it true that, for example, a website or email service does not have access to passwords?

For example, there are companies that claim they don't have access to passwords. Is it possible? They also have access to the server and databases...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
A
Armenian Radio, 2022-01-27
@MisterVerstalschyk

Theoretically, this can be done by hashing/salting your password on the client and not passing it to the server.
In practice, it still remains a matter of trust between you and the site - today they do not transmit the password during authorization, tomorrow the front-end Vasily Shoto messed up, and the password flew away not only to the site database, but also to the campaign that provides an audit of user metrics.

Report
S
Sergey Karbivnichy, 2022-01-27
@hottabxp

Nobody but them will answer your question.

Report
D
Drno, 2022-01-27
@Drno

Why do they need access to passwords when you can see your information without them?))
Usually they don’t have

Report
A
Alexander, 2022-01-28
@Aleksandr-JS-Developer

They also have access to the server and databases...

Yeah, in the database they have passwords like
$2y$10$q5Tcu4qmO166MHMtJiesbO4w3174MhLIbjh1LcB1JYyt975eU0zbW
. Try to decipher what is encrypted here.
It can only be changed to another.
But the problem is that this password protects, most likely, unencrypted data, which means that instead of a password, the company will simply look at the data right away. Well, or, in extreme cases, just change the password ... So the question here is about trust, and not about technology.

Report
L
LeraWoolf, 2022-01-27
@LeraWoolf

If there are no fragments of transferring user passwords to the server in the code, then only the user knows the user password. And passwords and logins are stored in the database, otherwise you would not have logged into your account

Similar questions
A
AntohaRomaha2016-03-31 11:10:47
How to hack the web interface of a router knowing the open port 9559 on it? 1Reply
Z
Zyabi2020-08-05 09:47:39
How to find out the formula by which the time to crack a password is calculated? 5Reply
A
Alexander2016-04-10 21:04:35
Where to order a computer analysis after hacking? 3Reply
Y
yupic2014-02-01 12:24:38
Why do new followers appear on twitter without my knowledge? 6Reply
I
IckiSanZ2018-09-13 20:42:28
Is it possible to access the Wifi network parameters, are you interested in the option without brute force the admin password? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question