Encryption vs Hashing
Encryption is a technique used to protect a password (plaintext) by transforming it into a scrambled version using a mathematical algorithm.
This method renders the password unreadable without the corresponding decryption key. It is a reversible process, meaning that the original plaintext password, once encrypted into ciphertext, can be converted back to plaintext through decryption.
Hashing also employs an algorithm to convert a plaintext password into a scrambled value, thereby obscuring the actual password. However, unlike encryption, hashing is a one-way process.
When a plaintext password of any length undergoes hashing, it generates a string or hexadecimal number specific to that plaintext. The length of this output depends on the algorithm used. Importantly, once you hash a password, there is no way to get the original plaintext back.
If encrypted passwords are not secure enough for your needs, it’s possible to enable password hashing.
Enable Hashing Instructions
1. Stop the service
2. Edit settings.ini and find [Password Algorithm]
3. Change Default to BCrypt
4. Save settings.ini
5. Start the service again.
You can verify that an account's password is hashed by going into the account folder and opening the user's .uac file:
Password.BCrypt = Hashed
Password.e1 = Encrypted
Password = Clear text
If you cache a password, it will not be hashed (example: Active Directory impersonation password caching).
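To run the verification above across many accounts at once, the script below walks an account folder, reports how each .uac file stores its password, and lists the files that are not purely hashed. It is an added example, not part of the product: it assumes each key sits on its own line as Key=value, and the sample files and their values are constructed.

```python
import re
import tempfile
from pathlib import Path

# Key names are the ones listed on this page; the "Key=value" layout is an assumption.
STORAGE = {"password.bcrypt": "hashed", "password.e1": "encrypted", "password": "clear text"}
KEY_RE = re.compile(r"^\s*(Password(?:\.[A-Za-z0-9]+)?)\s*=", re.IGNORECASE)

def classify_uac(text):
    """Return the storage kinds found among the Password* keys of one .uac file."""
    kinds = set()
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:  # unknown suffixes are reported rather than silently ignored
            kinds.add(STORAGE.get(m.group(1).lower(), f"unknown ({m.group(1)})"))
    return kinds or {"no password key"}

def audit(account_dir):
    """Map every .uac file under account_dir to its storage kinds."""
    return {p.name: classify_uac(p.read_text(errors="replace"))
            for p in sorted(Path(account_dir).rglob("*.uac"))}

def not_hashed(report):
    """Files to follow up on: anything other than exactly {'hashed'}."""
    return sorted(name for name, kinds in report.items() if kinds != {"hashed"})

def build_sample(root):
    """Write constructed sample accounts; the values are placeholders."""
    samples = {
        "alice.uac": "Name=alice\nPassword.BCrypt=<constructed-value>\n",
        "bob.uac": "Name=bob\nPassword.e1=<constructed-value>\n",
        "carol.uac": "Name=carol\nPassword=<constructed-value>\n",
        # More than one Password key in a file is flagged as well.
        "dave.uac": "Name=dave\nPassword.BCrypt=<constructed>\nPassword.e1=<constructed>\n",
    }
    for name, body in samples.items():
        Path(root, name).write_text(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)  # replace tmp with the real account folder path
        report = audit(tmp)
        for name, kinds in report.items():
            print(f"{name}: {', '.join(sorted(kinds))}")
        print("not hashed:", not_hashed(report))
```

The script only reads key names and never prints the stored values, so its output is safe to paste into a ticket.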