Can website and APP administrators see your account and password?

Do you have the habit of using the same mobile phone number and password to register an account no matter which website or app you register an account on? Once your account and password are leaked, others can log in to all websites and apps you have registered.

Can website and APP administrators see your account and password? Internet Chapter 1

Assuming you are on a legitimate website and APP, can the administrator of the website and APP see your account and password?

On the user management pages in the background of websites and apps, administrators can see your account, which is combined with thousands of accounts to form a list that can query user information. Lists can also be used to edit information about a user individually.

So, can the administrator see the user's password?

However, he couldn't see it. Was he not authorized enough? I mean the administrator with the highest authority.

As long as it is a legal website or APP, the user's password will be encrypted through algorithms. Administrators enter the user's personal information editing page in the background, and the password they see will be replaced by a blank input box, black dots or black meter.

Although the administrator cannot see the clear password, he can bypass mobile phone verification, email verification and other methods and directly replace or reset the password for the user. Of course, this behavior requires user authorization. For example, the user forgets the password and does not have a mobile phone or email verification channel. In this case, as long as there is other way to prove that the account belongs to him, he can ask the administrator to help him replace the new password.

Databases are the place where websites and apps store information. Can the database administrator see the user's password?

The answer is, you can see it. However, don't worry. What he saw was a plaintext password encrypted through an algorithm.

Take the mysql database as an example. The user's password in the database is a new plaintext password of letters and numbers that is encrypted using the md5 algorithm. It is much longer than the original password set by the user. It is difficult for the password encrypted by the md5 algorithm to be restored to the original password. Simply put, the more complex the password you set, the more difficult it will be to restore it after being encrypted by the algorithm. For example, passwords such as 123456 and 6 8s can be easily restored after being encrypted by the md5 algorithm. Complex combinations of letters and numbers are difficult to restore. Therefore, the database administrator cannot easily know what your password is.

In addition, anyone who can manage the database knows the legal consequences of leaking user privacy, and will sign a confidentiality agreement with the company. As long as he does not prefer a pair of silver bracelets, a small black room, and free three meals, he does not dare to leak the contents of the database.

t like1

Link to this article:https://en.finchui.com/mood/26.html

netizens commented

guess you like

hot commodity
popular articles
hot Tags
related tags
FinchUI Store Edition Hong Kong Special Area

share

copy Link

Xinglan Studioadd friends

Working hours: 9:00-22:00
Saturday and Sunday: 14:00-22:00
wechat
Scan the code to add customer service WeChat