A “digest” (also called a “hash”, and informally a “checksum”) is a fixed-size value computed from a stream of data that acts as a fingerprint of its contents. It is not a “signature” in the cryptographic sense: no key is involved, so anyone can compute the digest of any data, and it proves nothing about who produced it. The closest real-life analog we can think of is “a tamper-evident seal on a software package”: if you open the box (change even one byte of the file), the seal breaks (the digest no longer matches).
Commonly, digests are used to store passwords. What happens is that the user enters a password onto a website (for example, a registration form). The server then converts that password to a digest and stores just that digest in the database, along with the other information such as username etc. When the user comes to log in, they enter their password and the server converts it into a digest again. It then compares those two digests in constant time (so that the comparison's running time does not leak how many bytes matched) and sees if they are the same. If they are, the user is logged in; if not, they are informed that the password is incorrect. Note that a bare SHA256 is the wrong tool for this job: it is designed to be fast and deterministic, which is exactly what an attacker guessing passwords wants. Password storage should use a per-user random salt and a deliberately slow password-hashing function such as Argon2, scrypt, bcrypt or PBKDF2.
In this process, a plaintext password is never stored, only the digest. This means that even if a hacker gains access to the database all they get is the digest. Due to the nature of digests, it is not feasible to reverse a digest back to the original string directly (this property is called preimage resistance). The attacker does not need to reverse it, though: passwords are low-entropy, so they can simply hash guesses (dictionary words, leaked passwords, common patterns) and compare. With an unsalted fast hash like SHA256, one precomputed table covers every user at once and modern GPUs test billions of guesses per second. A unique salt per user defeats precomputed tables, and a slow hash with a tunable work factor makes each guess expensive. Done that way, digest-based storage is a sound method of storing passwords; done with a bare SHA256, it only protects users whose passwords were already strong.
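The registration and login flow described above, as an added example that is not part of the original post. It contrasts the bare SHA256 approach with a salted, iterated PBKDF2-HMAC-SHA256 (chosen because it is in the Python standard library; Argon2 or bcrypt would be preferable in production), uses a constant-time comparison at login, and includes a small offline guessing attack against a leaked unsalted digest. The in-memory `USERS` dictionary, the usernames and the wordlist are constructed for the demo; the iteration count is an assumption to be tuned for your hardware.

```python
import hashlib
import hmac
import os
from typing import Iterable, Optional

# Constructed in-memory "database": username -> stored credential record.
USERS = {}

# Work factor for PBKDF2-HMAC-SHA256. Assumption: 600_000 iterations is a
# reasonable floor today; raise it as hardware gets faster.
ITERATIONS = 600_000
SALT_BYTES = 16


def sha256_digest(password: str) -> str:
    """The naive scheme from the post: unsalted, fast, deterministic SHA256."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def _derive(password: str, salt: bytes, iterations: int) -> bytes:
    # PBKDF2 stretches the password; cost grows linearly with iterations.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def register(username: str, password: str, iterations: int = ITERATIONS) -> dict:
    """Store salt, work factor and derived key; never the plaintext password."""
    salt = os.urandom(SALT_BYTES)  # unique per user, defeats precomputed tables
    record = {"salt": salt, "iterations": iterations, "hash": _derive(password, salt, iterations)}
    USERS[username] = record
    return record


def login(username: str, password: str) -> bool:
    """Recompute the derived key and compare it in constant time."""
    record = USERS.get(username)
    if record is None:
        # Do the same amount of work for unknown users so response time
        # does not reveal whether a username exists.
        _derive(password, b"\x00" * SALT_BYTES, ITERATIONS)
        return False
    candidate = _derive(password, record["salt"], record["iterations"])
    # hmac.compare_digest avoids early-exit timing differences of ==.
    return hmac.compare_digest(candidate, record["hash"])


def crack_unsalted_sha256(stolen_digest: str, wordlist: Iterable[str]) -> Optional[str]:
    """Offline dictionary attack on a leaked unsalted SHA256 digest.

    No salt means one guess can be checked against every user's digest, and
    SHA256 is fast enough that real attackers test billions per second.
    """
    for guess in wordlist:
        if sha256_digest(guess) == stolen_digest:
            return guess
    return None


if __name__ == "__main__":
    # Constructed demo data.
    register("alice", "hunter2")
    print("alice / hunter2 ->", login("alice", "hunter2"))
    print("alice / hunter3 ->", login("alice", "hunter3"))
    print("bob   / hunter2 ->", login("bob", "hunter2"))

    leaked = sha256_digest("hunter2")
    print("cracked unsalted digest ->", crack_unsalted_sha256(leaked, ["letmein", "qwerty", "hunter2"]))
```

Two users who pick the same password get different stored records because of the per-user salt, so a leak of the database does not even reveal which users share a password. The `crack_unsalted_sha256` function shows why the salt and the slow derivation matter: against bare SHA256 a short wordlist recovers the password instantly.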
The code is too complex to go through step by step, so I have created a demo so that you can check it out for yourself. Please note that this is more of a proof-of-concept than a tutorial; if you have any issues please comment below.