1

i have a question about the use of hashing:

Why shouldn't I have all the Data I insert in the Database hashed instead of only hashing the password?

Wouldn't it be more secure to hash all values(emails etc.), so an attacker can't get anything, instead of everything except the password?

Why is it common to only hash the password?

Thanks for your help!

felixi1183
  • 13
  • 2
  • 1
    If you hash all the data, how would you would be able to display anything? Hashing is a one way street only – DarkBee Mar 10 '22 at 09:11
  • Hashing everything would be secure in the same way as unplugging a server and sealing it in concrete is secure: nobody can get the data, not even you. For passwords, that's actually OK - you don't _need_ to know someone's password, only prove that _they_ do. For everything else, you want _encryption_ not _hashing_. – IMSoP Mar 10 '22 at 09:18

1 Answers1

1

Well because hashing is one-way transaction, so you can't "unhash" the data. What purpose would that data then serve, if you can't read it and user needs to insert it every time again every time you need to process the data in any way?

jnko
  • 163
  • 1
  • 12