{"componentChunkName":"component---gatsby-theme-hipex-src-templates-blog-js","path":"/wachtwoord-hash/","result":{"data":{"markdownRemark":{"frontmatter":{"slug":"/wachtwoord-hash/","title":"Magento Hash Values","author":{"frontmatter":{"authorName":"Hipex"}},"meta":{"metaTitle":"Magento Hash Values","metaDescription":"One of Magento's security measures is that it stores passwords in the database as hash values. In this article we explain what that means.","canonical":null,"alternatives":null,"noindex":null,"metaImage":{"publicURL":"/static/330d926e1088a72f6a0f60fc080284c5/wachtwoord-hashing.png","childImageSharp":{"fixed":{"width":800,"height":420,"src":"/static/330d926e1088a72f6a0f60fc080284c5/f9ff4/wachtwoord-hashing.png","srcSet":"/static/330d926e1088a72f6a0f60fc080284c5/f9ff4/wachtwoord-hashing.png 1x"}}}},"featuredBlogImage":{"publicURL":"/static/330d926e1088a72f6a0f60fc080284c5/wachtwoord-hashing.png","childImageSharp":{"fluid":{"aspectRatio":1.9067796610169492,"src":"/static/330d926e1088a72f6a0f60fc080284c5/f9ff4/wachtwoord-hashing.png","srcSet":"/static/330d926e1088a72f6a0f60fc080284c5/44803/wachtwoord-hashing.png 225w,\n/static/330d926e1088a72f6a0f60fc080284c5/169b9/wachtwoord-hashing.png 450w,\n/static/330d926e1088a72f6a0f60fc080284c5/f9ff4/wachtwoord-hashing.png 800w","srcWebp":"/static/330d926e1088a72f6a0f60fc080284c5/b0751/wachtwoord-hashing.webp","srcSetWebp":"/static/330d926e1088a72f6a0f60fc080284c5/e1b9e/wachtwoord-hashing.webp 225w,\n/static/330d926e1088a72f6a0f60fc080284c5/ed1b3/wachtwoord-hashing.webp 450w,\n/static/330d926e1088a72f6a0f60fc080284c5/b0751/wachtwoord-hashing.webp 800w","sizes":"(max-width: 800px) 100vw, 800px","presentationWidth":800}}},"date":"18 May 
2020","categories":[{"frontmatter":{"categoryTitle":"Security","slug":"/category/security/"}}],"blocks":[{"type":"text","content":"<!--StartFragment-->\n\nSecurity is, naturally, a spearhead for Magento. One of the changes compared with Magento 1 is how password hashes are stored in the database. In version 2, Magento has built in, among other things, protection against **GPU attacks**.\n\n<!--EndFragment-->","template":"small-center","textBackground":"blobPastelOrange","textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\n## GPU attacks\n\nThe chip on your graphics card processes a great deal of information **extremely fast**. Play a modern game or watch an action film and the reason for that speed becomes clear.\n\nThe GPU does this using hundreds if not thousands of cores. 
A core, in turn, is a location on a chip that processes code independently.\n\nGraphics code is executed by many of those cores, and that is how the hardware keeps up with the stream of code and keeps your film playing.\n\nIf an attacker manages to put all those cores to work on cracking a hash value, they can check more than a million values per second. In effect, a GPU attack is a very powerful [brute force](https://nl.wikipedia.org/wiki/Brute_force_(methode)) attack.\n\nMagento 2 has taken measures to prevent this kind of attack. The measure is known as [Argon2](https://devdocs.magento.com/guides/v2.3/config-guide/secy/hashing.html) and protects against these brute force attacks. First, we take a closer look at what a hash value actually is.\n\n## The hash value\n\nIn principle, a hash value is the output of an algorithm. The best-known hashing algorithms are MD5 and the SHA family, SHA1 and SHA2. There are of course many others, but MD5 and SHA are by far the most widely used in databases.\n\nThe hash value represents a unique value that belongs to exactly one sequence of bits. A hash value can be calculated for any sequence. That can be a file of a few bytes or of a terabyte, a word or an entire hard disk. \n\nYou can calculate a hash value for literally any bit sequence.\n\nHash values have four **very important properties**. \n\n1. Every bit sequence has a unique hash value.\n2. Hash values (within one family) are always the same length.\n3. The file can never be recalculated from its unique hash value. \n4. Hash values of nearly identical text are nevertheless completely different.\n\nLet's look at an example; visit [www.xorbin.com](https://www.xorbin.com/).\n\n* Click use next to the MD5 calculator.\n* Calculate the MD5 values (these are 128 bits long) of the words below.\n* Type in the words below and click calculate.\n* Compare the results with the hash values below.\n\nbit becomes *67169dfbf72c4ca285e9ee12e3e9ac5*\n\nbuit becomes *5b622fe356d3a0f4c74a5ed7297a1f38*\n\nbid becomes *12879fe24168807c1ef38cd5e580ee3a*\n\npit becomes *721f99927350450e076a57d4c74221e1*\n\nDespite the similarity of the words, the MD5 values are very different and all the same length. Every word has its own hash value, because every word consists of a **unique sequence** of bits.\n\nMagento calculates the SHA256 of a password and then stores that hash value in the database. If the database is **breached** and the passwords are stolen, the attacker only has the (uncrackable) hash values. \n\nThose can only be cracked by brute force, and that can take a very long time. Bring in the enormous speed of a GPU and this might happen within an acceptable time. That is mostly theory, though, because Magento uses the SHA256 algorithm, whose hash is twice as long and which is **far more complex** as an algorithm. \n\nCracking a 256-bit code can easily take a century. **Literally**. 
Below you can see the different algorithms at work in a Linux environment.\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"image","content":null,"template":"center","textBackground":null,"textTemplate":null,"removeSectionSpace":null,"buttons":null,"imageAlt":"Linux hashing algorithms","imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":{"publicURL":"/static/ce728f67987e93961f8fe6ec5251dd34/hashing.jpg","childImageSharp":{"fluid":{"tracedSVG":"data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20width='400'%20height='182'%20viewBox='0%200%20400%20182'%20preserveAspectRatio='none'%3e%3cpath%20d='M6%2093v84h389V8H6v85'%20fill='%23d3d3d3'%20fill-rule='evenodd'/%3e%3c/svg%3e","aspectRatio":2.2058823529411766,"src":"/static/ce728f67987e93961f8fe6ec5251dd34/f1861/hashing.jpg","srcSet":"/static/ce728f67987e93961f8fe6ec5251dd34/b3cab/hashing.jpg 300w,\n/static/ce728f67987e93961f8fe6ec5251dd34/39f27/hashing.jpg 
600w,\n/static/ce728f67987e93961f8fe6ec5251dd34/f1861/hashing.jpg 618w","srcWebp":"/static/ce728f67987e93961f8fe6ec5251dd34/72474/hashing.webp","srcSetWebp":"/static/ce728f67987e93961f8fe6ec5251dd34/5ba9d/hashing.webp 300w,\n/static/ce728f67987e93961f8fe6ec5251dd34/6ef99/hashing.webp 600w,\n/static/ce728f67987e93961f8fe6ec5251dd34/72474/hashing.webp 618w","sizes":"(max-width: 618px) 100vw, 618px","presentationWidth":618}}},"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\nOn Windows it is a little more involved: the FCIV tool has to be downloaded and installed.\n\n**MD5:**\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"image","content":null,"template":"center","textBackground":null,"textTemplate":null,"removeSectionSpace":null,"buttons":null,"imageAlt":"Hashing MD5","imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":{"publicURL":"/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/hashing-md-5.jpg","childImageSharp":{"fluid":{"tracedSVG":"data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20width='400'%20height='114'%20viewBox='0%200%20400%20114'%20preserveAspectRatio='none'%3e%3cpath%20d='M9%2012l1%2095%20191%201h190V11H200L9%2012'%20fill='%23d3d3d3'%20fill-rule='evenodd'/%3e%3c/svg%3e","aspectRatio":3.5294117647058822,"src":"/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/a323a/hashing-md-5.jpg","srcSet":"/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/b3cab/hashing-md-5.jpg 300w,\n/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/a323a/hashing-md-5.jpg 
422w","srcWebp":"/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/b1258/hashing-md-5.webp","srcSetWebp":"/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/5ba9d/hashing-md-5.webp 300w,\n/static/d3dedf6e3fc90ac94fdd94573d0e4fb0/b1258/hashing-md-5.webp 422w","sizes":"(max-width: 422px) 100vw, 422px","presentationWidth":422}}},"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\n**SHA2:**\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas"
:null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"image","content":null,"template":"center","textBackground":null,"textTemplate":null,"removeSectionSpace":null,"buttons":null,"imageAlt":"Hashing SHA2","imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":{"publicURL":"/static/fa6e861d883aa918dd3edef8a19ab1ee/hashing-sha2.jpg","childImageSharp":{"fluid":{"tracedSVG":"data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20width='400'%20height='111'%20viewBox='0%200%20400%20111'%20preserveAspectRatio='none'%3e%3cpath%20d='M4%205v50l1%2049h387V4H198L4%205'%20fill='%23d3d3d3'%20fill-rule='evenodd'/%3e%3c/svg%3e","aspectRatio":3.6144578313253013,"src":"/static/fa6e861d883aa918dd3edef8a19ab1ee/bed56/hashing-sha2.jpg","srcSet":"/static/fa6e861d883aa918dd3edef8a19ab1ee/b3cab/hashing-sha2.jpg 300w,\n/static/fa6e861d883aa918dd3edef8a19ab1ee/bed56/hashing-sha2.jpg 415w","srcWebp":"/static/fa6e861d883aa918dd3edef8a19ab1ee/59e47/hashing-sha2.webp","srcSetWebp":"/static/fa6e861d883aa918dd3edef8a19ab1ee/5ba9d/hashing-sha2.webp 300w,\n/static/fa6e861d883aa918dd3edef8a19ab1ee/59e47/hashing-sha2.webp 415w","sizes":"(max-width: 415px) 100vw, 
415px","presentationWidth":415}}},"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\n## The attack\n\nThe most common and simplest way to crack a hash value is to look it up. That immediately shows the value of a strong password. \n\nTo be clear: hash values are uncrackable; you can only attack them with brute force (trying everything until you hit the right one) or look them up in a database, because the same password always yields the same hash value.\n\nGo to <https://www.xorbin.com/> and calculate the SHA256 value of the password hello123.\n\nNot a strong password, of course. Now go to [https://www.hashkiller.co.uk](https://www.hashkiller.co.uk/)\n\nClick Hash Cracker in the menu there and choose SHA256. The value of this password is in the database; Hello123 (with a capital letter) and !Hello123 (with a punctuation mark) are not in the database. 
\n\nYou do see the two extra values in the picture of the cracked MD5 values.\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"image","content":null,"template":"center","textBackground":null,"textTemplate":null,"removeSectionSpace":null,"buttons":null,"imageAlt":"Hash cracker results","imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":{"publicURL":"/static/a1f8d4b34abff7c98fba542c81f420e2/gekraakt-md5-waardes.jpg","childImageSharp":{"fluid":{"tracedSVG":"data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20width='400'%20height='75'%20viewBox='0%200%20400%2075'%20preserveAspectRatio='none'%3e%3cpath%20d='M3%2038v33h392V7L199%206H3v32'%20fill='%23d3d3d3'%20fill-rule='evenodd'/%3e%3c/svg%3e","aspectRatio":5.357142857142857,"src":"/static/a1f8d4b34abff7c98fba542c81f420e2/a4218/gekraakt-md5-waardes.jpg","srcSet":"/static/a1f8d4b34abff7c98fba542c81f420e2/b3cab/gekraakt-md5-waardes.jpg 
300w,\n/static/a1f8d4b34abff7c98fba542c81f420e2/39f27/gekraakt-md5-waardes.jpg 600w,\n/static/a1f8d4b34abff7c98fba542c81f420e2/a4218/gekraakt-md5-waardes.jpg 615w","srcWebp":"/static/a1f8d4b34abff7c98fba542c81f420e2/c1b44/gekraakt-md5-waardes.webp","srcSetWebp":"/static/a1f8d4b34abff7c98fba542c81f420e2/5ba9d/gekraakt-md5-waardes.webp 300w,\n/static/a1f8d4b34abff7c98fba542c81f420e2/6ef99/gekraakt-md5-waardes.webp 600w,\n/static/a1f8d4b34abff7c98fba542c81f420e2/c1b44/gekraakt-md5-waardes.webp 615w","sizes":"(max-width: 615px) 100vw, 615px","presentationWidth":615}}},"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\nBear in mind that billions of hash values are known for the widely used MD5.\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"image","content":null,"template":"center","textBackground":null,"textTemplate":null,"removeSectionSpace":null,"buttons":null,"imageAlt":"Hashing cracker results","imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":{"publicURL":"/static/395582c20d91cf60d639e749e169f812/gekraakt-md5-waardes-1.jpg","childImageSharp":{"fluid":{"tracedSVG":"data:image/svg+xml,%3csvg%20xmlns='http://www.w3.org/2000/svg'%20width='400'%20height='117'%20viewBox='0%200%20400%20117'%20preserveAspectRatio='none'%3e%3cpath%20d='M12%2061v50h380V10H12v51'%20fill='%23d3d3d3'%20fill-rule='evenodd'/%3e%3c/svg%3e","aspectRatio":3.409090909090909,"src":"/static/395582c20d91cf60d639e749e169f812/c6d0d/gekraakt-md5-waardes-1.jpg","srcSet":"/static/395582c20d91cf60d639e749e169f812/b3cab/gekraakt-md5-waardes-1.jpg 300w,\n/static/395582c20d91cf60d639e749e169f812/c6d0d/gekraakt-md5-waardes-1.jpg 
433w","srcWebp":"/static/395582c20d91cf60d639e749e169f812/4ee6a/gekraakt-md5-waardes-1.webp","srcSetWebp":"/static/395582c20d91cf60d639e749e169f812/5ba9d/gekraakt-md5-waardes-1.webp 300w,\n/static/395582c20d91cf60d639e749e169f812/4ee6a/gekraakt-md5-waardes-1.webp 433w","sizes":"(max-width: 433px) 100vw, 433px","presentationWidth":433}}},"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null},{"type":"text","content":"<!--StartFragment-->\n\n## The strength of hashing and Magento\n\nA hash value provides a unique value for every password and cannot be reversed. You cannot calculate passwords back from the hash value. \n\nWhat you can do is look up passwords by their hash values (hashkiller) or brute-force them (GPU attack). For the SHA256 algorithm used by Magento, complex passwords are not known in databases such as hashkiller's. \n\nMagento offers protection against GPU attacks by building in the implementation of Argon2 in [PHP](https://www.hipex.io/wat-is-php/). In principle, Argon2 makes it harder for the attacker to use the GPU as a resource for brute forcing.\n\nThe reason many attackers focus on SHA256 hashing has less to do with Magento’s password storage than with the fact that it is the underlying algorithm of Bitcoin. 
Those long bitcoin numbers are hash values.\n\n<!--EndFragment-->","template":"small-center","textBackground":null,"textTemplate":"text","removeSectionSpace":false,"buttons":null,"imageAlt":null,"imageVariant":null,"blockBackground":null,"textImageBlockImage":null,"textImageBlockImageBig":null,"imageBlockImage":null,"textColor":null,"textPosition":null,"imagePosition":null,"heroBlockImage":null,"heroBlockImageBig":null,"showHostingIcons":null,"video":null,"videoTitle":null,"title":null,"block":null,"icon":null,"iconBlobTextImage":null,"button":null,"text":null,"subtitle":null,"form":null,"caseBlockBottomImage":null,"caseBlockMiddleImage":null,"caseBlockTopImage":null,"topVideo":null,"singleCase":null,"cases":null,"caseVariant":null,"client":null,"columnsCount":null,"iconTextItems":null,"clients":null,"itemsToDisplayBeforeBreak":null,"showMoreTitle":null,"features":null,"featuresLists":null,"faqs":null,"slasUSPs":null,"slas":null,"pricingplans":null,"texts":null,"casesButton":null,"casesTitle":null,"internalLink":null,"hipexScoreIcon":null}]}},"next":{"frontmatter":{"slug":"/shopware-beste-plugins/","title":"The 8 best plugins for Shopware (2021)","date":"4 January 2021"}},"prev":{"frontmatter":{"slug":"/iaas-paas-saas/","title":"IaaS, PaaS and SaaS: what are the differences?","date":"26 May 2020"}}},"pageContext":{"isCreatedByCreateBlogPage":true,"id":"615e5f50-bab5-5dfe-bbb8-50a9c53a4a11","prevId":"38c7d33c-7a35-51f7-b5f3-a5b471f7a106","nextId":"e3f00a69-ec57-5ae0-b9e9-eac584bd1bce"}}}