Practice free →
HomeBCA Cyber SecuritycybersecurityCybersecurity Fundamentals › A HASH FUNCTION (e.g. SHA-256) used for password…

A HASH FUNCTION (e.g. SHA-256) used for password storage should be

Areversible so passwords can be recovered
BFAST so login is quick
CONE-WAY (irreversible) and SLOW (computationally expensive)
Dthe same for all users
Answer & Solution
Correct answer: C. ONE-WAY (irreversible) and SLOW (computationally expensive)
1. PASSWORD HASHING requirements differ from general hashing. 2. ONE-WAY: given the hash, you cannot reconstruct the password (no decryption key). Makes a database leak less catastrophic. 3. INTENTIONALLY SLOW: brute-force attempts take orders of magnitude longer. SHA-256 alone is too fast (billions/sec on a GPU). 4. Use a SLOW PASSWORD HASH: bcrypt, scrypt, Argon2, or PBKDF2. These accept a 'work factor' you can tune. 5. Also add a UNIQUE PER-USER SALT to defeat rainbow tables — same password produces different hashes. 6. Option A defeats the purpose. Option B is the wrong trade-off. Option D defeats the salt principle. _Source: NIST CSF PR.DS (Data security) + NIST SP 800-63B (memorised secret guidelines)._
Solve this in the app — BCA Cyber Security practice & 24k+ MCQs →
Related questions