Secret Server's user passwords and DoubleLock passwords are hashed in the database using the SHA 512 hashing function. A hash function differs from an encryption method in that a hash function, when used correctly, is computationally infeasible to reverse.
Hashing algorithms are mathematical functions that convert inputted text values to a hash digest. Even the smallest change of the input text produces radically different hashed values. This guarantees that if two users choose the same password, their hash value in the database will not be the same.
Hashing is an essential security requirement to ensure that authentication credentials are not exposed.
Secret Server also uses random salts and multiple hash iterations to prevent brute-forcing or the use of Rainbow tables.
For more information read: ‘What is Hashing?’ by Kevin Jones
Next Feature: Two-factor Authentication >