• Reliant1087@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    You could take the old password, change one or two letters and compare the hash to the hash of the new password?

    • psilocybin@discuss.tchncs.de
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      That’s the point though.

      You’re not supposed to have the old password. If you had the old password you could just compare it to the new password.

      The only way you can do it is to take the new password and make a hash for every possible single-character variation and compare them all to the old hash

      • Reliant1087@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Sorry, that’s what I meant as well :) Came out upside down when I wrote. We used to figure out shitty ISP router passwords this way by having a table of common passwords and their hashes.