1 00:00:00,300 --> 00:00:06,510 In this video, let's try to look at the last two password and voiceprints security framework, which 2 00:00:06,510 --> 00:00:08,920 are bit creepy and password encoded. 3 00:00:09,570 --> 00:00:16,110 So Big Red Passport and is the most commonly used password encoders these days in any application for 4 00:00:16,110 --> 00:00:19,000 hashing mechanism, especially for passwords. 5 00:00:19,380 --> 00:00:24,620 So this follows a big trip, strong hashing function to encode the password. 6 00:00:24,840 --> 00:00:30,210 And you can create this encoder by following any of these three constructor's. 7 00:00:30,450 --> 00:00:35,880 The very first one is, which is a default constructor, followed by a second constructor, where you 8 00:00:35,880 --> 00:00:43,110 can mention the coefficient value, which represents how many times the encoding process has to go through 9 00:00:43,260 --> 00:00:44,780 in terms of logarithm. 10 00:00:45,360 --> 00:00:53,010 So if I mention four, that means internally it will go to the two power four of rounds for the encoding 11 00:00:53,010 --> 00:00:53,580 process. 12 00:00:54,000 --> 00:00:59,160 And at the same time you can leverage the third constructor where along with the coefficient value, 13 00:00:59,160 --> 00:01:05,360 you can also pass to secure a random instance, to generate a random sample for your hashing mechanism 14 00:01:05,580 --> 00:01:08,930 top secret password, and it will solve most of your problem. 15 00:01:09,150 --> 00:01:18,030 But as we pass day by day, the hackers also are getting stronger CPU stronger GPU processes, which 16 00:01:18,030 --> 00:01:26,430 can help them to derive the orginally text by comparing hash of each and every text available in that 17 00:01:26,730 --> 00:01:27,340 vicinity. 18 00:01:27,840 --> 00:01:35,340 So to avoid that, we have a recent password encoder, which is a secret password and it has so many 19 00:01:35,340 --> 00:01:44,760 parameters except which not only will take exponential aim of the hacker to decode your hash, but also 20 00:01:44,760 --> 00:01:50,940 it will take the exponential memory of the C.P.U who want to decode the password hash. 21 00:01:51,240 --> 00:01:59,130 So due to that reason, you are free to use decrypt are password encoders and these should solve our 22 00:01:59,640 --> 00:02:06,090 problems and the way that we stored inside the database for any application compared with the previous 23 00:02:06,090 --> 00:02:11,520 password encoders, which we discussed this password and are pretty strong in nature. 24 00:02:11,850 --> 00:02:21,090 And any hackers need lots and lots of time on memory and processes in order to decode these hashes, 25 00:02:21,270 --> 00:02:25,120 which is almost impossible in the current situations. 26 00:02:25,710 --> 00:02:27,380 So in the secret password, incorrupt. 27 00:02:27,400 --> 00:02:28,530 So we have to construct this. 28 00:02:28,530 --> 00:02:34,020 Where we can create this one is the default constructor and the second one is the constructor where 29 00:02:34,020 --> 00:02:35,900 it accepts five parameters. 30 00:02:36,060 --> 00:02:39,340 So we will see what are these five parameters by going into the score. 31 00:02:39,630 --> 00:02:44,160 First, let's try to go and see what is the secret password and password. 32 00:02:44,160 --> 00:02:50,610 And as I said, it has a simple constructor and at the same time it also has a constructor where we 33 00:02:50,610 --> 00:02:55,110 can pass the strength of the coefficient in terms of law grounds. 34 00:02:55,110 --> 00:02:57,070 And it ranges from four to Tacuba. 35 00:02:57,420 --> 00:03:04,410 And it also has various versions so that when we have a constructor, which can accept the version, 36 00:03:04,410 --> 00:03:10,470 but I think we don't have to use this, we should as a developers and architects, we should always 37 00:03:10,470 --> 00:03:16,410 worry about the strength and the default constructor and by default, the two year version is used by 38 00:03:16,410 --> 00:03:17,490 the springform. 39 00:03:17,700 --> 00:03:24,540 But if there is a scenario where you want to change this version of, always go and use the observations 40 00:03:24,540 --> 00:03:26,410 that we have, it is to way to build. 41 00:03:26,880 --> 00:03:27,360 For that. 42 00:03:27,660 --> 00:03:36,630 We also have a method where it will call internally big library to hash the password, bypassing the 43 00:03:36,630 --> 00:03:39,210 real password, and that's all associated with it. 44 00:03:39,510 --> 00:03:44,700 And at the same time, we also have a mattress implementation where it will try to check the password, 45 00:03:44,700 --> 00:03:48,390 bypassing the original password and at the same time encoded password. 46 00:03:48,630 --> 00:03:55,080 So inside this, the original password will be hashed and it will try to compare the hash value that 47 00:03:55,080 --> 00:04:02,580 we maintain to the database and what we calculate it from the user input value is equal, not the one 48 00:04:02,580 --> 00:04:04,790 that matches will boolean. 49 00:04:05,250 --> 00:04:13,270 For that, we also have a password encoder and as I was saying, it has a default constructor that we 50 00:04:13,290 --> 00:04:17,010 are mentioning the default constructor without passing any parameters. 51 00:04:17,010 --> 00:04:23,340 It internally uses the same numbers which was shown previously because these are the default numbers 52 00:04:23,340 --> 00:04:25,370 that this password incorrect answers. 53 00:04:25,650 --> 00:04:31,980 Let's try to see what are these numbers the first number considers to be course? 54 00:04:32,070 --> 00:04:39,900 What is a cost that you want to leverage to generate hash and memory cost, which is the second parameter 55 00:04:40,230 --> 00:04:42,860 and the third one is a parallelization.