Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Facebook Confirmation Code Algorithm


  • Please log in to reply
1 reply to this topic

#1 sausage

sausage

  • Members
  • 390 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Colorado
  • Local time:08:17 PM

Posted 19 October 2010 - 11:45 PM

So i'm under the assumption that the confirmation code system that facebook uses to reset passwords is based on some sort of algorithm/encryption. I would assume it's based on your profile id, but I could be wrong, does anyone know this algorithm?

BC AdBot (Login to Remove)

 


#2 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:07:17 PM

Posted 20 October 2010 - 12:19 AM

The confirmation code is likely based on a cryptographic hash algorithm like MD5 or SHA1. Hash algorithms use asymmetric functions so that it is computationally implausible to derive the inputs from the output. If Facebook did it right they also use an secret value, called a salt, which renders it computationally implausible to derive the output without knowing all the inputs. All this is leaving aside the problem of knowing which hashing algorithm they used, since that's not information that Facebook would likely share.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users