Best explanation ever. Only thing I would add is that you can append the salt to the hash, then store that in the db. That way you don't need a separate salt column in the db.
can Auth0 provide user level resource access control overriding existing roles/permission hierarchies..just because we don't want to create too many roles&permissions
Great question! The salt should be stored with the hashed password When the checking the entered password the salt is grabbed and added to the entered password The stored salt is added to the entered password then hashed and compared to the hashed password in the database. Does that help?
Thanks for your feedback! We'll be creating lots of more content like this to cover more identity and security concepts :) Please subscribe to our channel if you'd like to see more.
Man, this video is awesome hahaha your shadowboxing had me laughing out loud. Also holy crap your production quality and visuals are top tier. I can't imagine how long this took. Definitely the most clear and easy to understand video I've seen on hashing, you explained all the concepts in a human way, and not like a robot way lol. Instant sub! Great job
Love how you broke this down into easy to understand terms. Great explanation!
Thank you!
This was an awesome explanation. Thank you for making things easy to understand! Great job 😎
Thanks!
Nice info! Thanks so much.
Thanks for watching!
excellent video! every programmer should be required to watch this video!
Thanks for the feedback! We're happy to hear you found it helpful.
you said the salt is stored in plaintext?
Best explanation ever. Only thing I would add is that you can append the salt to the hash, then store that in the db. That way you don't need a separate salt column in the db.
Great point!
Either way, if the attacker gets the DB he also has the salt for each user. What the point then to use a salt, unless you keep it _separate_?
Great explanation! Thanks
Awesome tutorial Will
Thanks for watching!
Thank Kelvin!
can Auth0 provide user level resource access control overriding existing roles/permission hierarchies..just because we don't want to create too many roles&permissions
I don't understand how a salted password with random salt can match the saved hash on database.
Great question!
The salt should be stored with the hashed password
When the checking the entered password the salt is grabbed and added to the entered password
The stored salt is added to the entered password then hashed and compared to the hashed password in the database.
Does that help?
@@WillJohnsonio oook, kind regards :)
Spring Security in Java Ecosystem right, its not for js I think
Nice to get some things that I was "sort of sure that's how it is" hammered in. Great video, and great pacing.
Thanks for your feedback! We'll be creating lots of more content like this to cover more identity and security concepts :) Please subscribe to our channel if you'd like to see more.
Thank you!
Man, this video is awesome hahaha your shadowboxing had me laughing out loud. Also holy crap your production quality and visuals are top tier. I can't imagine how long this took. Definitely the most clear and easy to understand video I've seen on hashing, you explained all the concepts in a human way, and not like a robot way lol. Instant sub! Great job
Thanks for watching and subscribing! Glad to hear this video was helpful for you. If there are other subjects you'd like to see covered let us know!
good work, just wanted to watch part of the video and watched until the end
Informative and actually quite entertaining to watch!
...and this is how educational content should be made
Well done video and cool looking guy🙂
😎 Thanks!
nice work
Thanks!
Happy me the 100th up😂
haha! Team work makes the dream work!
Informative and educational 😊
Very nice video, thnx!
Glad that you enjoyed it! Thanks for watching!
Thank you.
You are welcome. Thanks for watching!
Great Video
Thanks!
Thank you for this!
🔥👏 Thanks for sharing 💙