Well, you are not wrong ;)

Now do a kilobyte

The funny thing is, if you point out its mistakes, it often does better on subsequent attempts.

Or it get stuck in an endless loop of two different but wrong solutions.

Me: This is my system, version x. I want to achieve this.

ChatGpt: Here’s the solution.

Me: But this only works with Version y of given system, not x

ChatGpt: <Apology> Try this.

Me: This is using a method that never existed in the framework.

ChatGpt: <Apology> <Gives first solution again>

You should clone it for unlimited snacking.

Glad you take it like a champ :)

Mandatory Hyperbole And Half

English isn’t my native language. I thought for years (and I’m talking of 10+) it would be pronounced “ree-sipe”.

Ressepee

For sure, but in written text not obvius enough for me in many cases.

I wouldn’t call freaking out an approach unless you answered the wrong OP

Since I was stung three times out of nowhere, one time just by sitting around, not moving at all: Nope, the moment they try landing on me I freak out.

You could have add that this is just one of many ways to do it / jailbreak it:

https://github.com/0xk1h0/ChatGPT_DAN

Additional to what others have said: The “salted” part is very relevant for storing.

There aren’t soooo many different hashing algorithms people use. So, let’s simplify the hashing again with the crossfoot example.

Let’s say, 60% of websites use this one algorithm (crossfoot) for storing your password, and someone steals the password “hashes” (and the login / email). I could ran a program that creates me a list of all possible crossfoots for all numbers for 1 to 100000.

This would give me an easy lookup table for finding the “real” number behind those hashes. (Those tables exists. Look up “rainbow tables”)

Buuuut what if I use a little bit of salt (and pepper pepper pepper) before doing my hashing / crossfooting?

Let’s use the pw “69” again and use a salt with a random number “420” and add them all together:

6 + 9 + 420 = 435

This hash wouldn’t be in my previous mentioned lookup table. Use different salts for every user and at least the lookup problem isn’t such a big problem anymore.

Yeah, you actually better not save the users passwords in plain text or in an encrypted way it could be decrypted. You rather save a (salted) hashed string of the password. When a user logs in you compare the hashed value of the password the user typed in against the hashed value in your database.

What is hashed? Think of it like a crossfoot of a number:

Let’s say you have a number 69: It’s crossfoot is (6+9) 15. But if someone steals this crossfoot they can’t know the original number it’s coming from. It could be 78 or 87.