well, i dont know if yahoo uses hash functions, but they should... its the most logical way of storing passwords.. the thing with hash functions, is that its impossible to decrypt them... it takes a bit-string of an unlimited length, and hashes it to a finite length bit string... for example it will take a 256 bit-lenth string, and hash it to 128 bits...
you cant decrypt it because there are an infinite number of possible decryptions... the obvious downside is that there are only 2^128 possible hash values (for a 128 bit hash length)... which is aboot 3.4 * 10^34.... which is usually enough for any database... heh...
and there are definitely easier ways to compromise the system... most likely through the OS.... |