<div>
&gt; .. to use 3 random chars with this method. <br />
no, except brute force
</div>


> .. to use 3 random chars with this method.
no, except brute force

<div>
<div class="content wysiwyg-content">
I am currently designing a system that involves customer logins. &nbsp;One possible login step is entering 3 random chars from the password.<br />
<br />
I know typically. passwords are stored as a hash. &nbsp;However, it is impossible to use 3 random chars with this method. &nbsp;Can anyone tell me how the passwords should be stored without storing them as plain text?
</div>
</div>


I am currently designing a system that involves customer logins.  One possible login step is entering 3 random chars from the password.

I know typically. passwords are stored as a hash.  However, it is impossible to use 3 random chars with this method.  Can anyone tell me how the passwords should be stored without storing them as plain text?

Storing users passwords

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

Web applications are systems that run in browsers that perform functions normally associated with other client-based programs. One of the most commonly used web applications is email; instead of downloading individual emails to a local machine, the data is shown through a website. Other examples of web applications are collaborative systems like a wiki or an online game.