Pro­tect crit­i­cal in­for­ma­tion

The Dallas Morning News - - World -

The ques­tion I have for Equifax, and, in­deed for ev­ery en­tity that holds con­fi­den­tial in­for­ma­tion about me, is this: Is that crit­i­cal data stored in a hashed form? If not, why not?

Hash­ing is a form of one-way en­cryp­tion, which is com­pu­ta­tion­ally in­fea­si­ble to de­code, even if you know the al­go­rithm used to en­crypt it. Hash­ing isn’t new. I used it in the early ’80s to en­sure data in­tegrity. It isn’t ex­pen­sive. Al­most all pass­words are stored in a hashed for­mat, so the process is well known to IT peo­ple or pro­gram­mers.

Did you ever won­der why, although there have been sev­eral ma­jor data breaches in which the pass­word files were lost, not much comes of it? Did you ever won­der why pass­words are case sen­si­tive? The rea­son is that the pass­words are hashed and even the peo­ple with di­rect ac­cess to the data­base can’t de­code them.

Any or­ga­ni­za­tion of any kind that doesn’t hash crit­i­cal in­for­ma­tion, es­pe­cially So­cial Se­cu­rity num­bers, is guilty of de­praved in­dif­fer­ence in my opin­ion. He­len Rhine, St. Paul, Texas

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.