HangInThere | 02-19-2019 05:48 PM | Re: Why Did I get Suspended? Same Password? Strange Quote:
Originally Posted by winge00
(Post 979738)
In the stealth book under "why did I get suspended" One of the reason mentioned is using the same password as another suspended/limited/banned user. Weired right
I always think that the password is encripted and even the company can not see that, Am I wrong here? | PayPal most definitely encrypts all passwords, however, it's done using a one-way function that is secret and only known to PayPal. It means your password is safe not only in the event of a breach but even from PayPal themselves if they ever try and view your password on their database.
What's important to note though, is that when the algorithm is applied to your password (for example, "abc"), it gets encrypted and will become a long, fixed-length word (e.g. "xyxyxyxyxyxyxy"), which is what gets stored on their database. This encrypted word cannot be reversed back into your password, even if PayPal wanted to. I understand it doesn't make sense (i.e. why can't they just do the algorithm in reverse), but that's just the beauty of the algorithm (called "hashing").
To answer your question, as there is no randomness in the encryption process, if you create a new account with the same password (i.e. "abc"), it will again be encrypted using the same secret algorithm, which means it will still generate the same encrypted word (i.e. "xyxyxyxyxyxyxy").
PayPal can therefore potentially detect duplicate passwords by matching their encrypted values, while still keeping your sensitive information secure from both outsiders and insiders.
Hope this helps. |