Menu
we've been asked to provide file checksum on a download page.
Anyway the portal we are developing is in HTTPS with 3 factor authentication.
Does the checksum add any security or it is useless?
456
Checksums of files can be used to verify that the file has been downloaded correct. For example, if it is possible to download huge files from your portal, it would be a nice thing to supply the checksums of the files as well.
In this way a user can download the file, compute the checksum himself, and compare the checksum with the one provided by you. Example of a checksum algorithm could be Secure Hash Algorithm (in its various editions) or MD5
With respect to security, checksums can thus be used to see if a file has been modified. Although in your particular case, one can argue one much extra security is gained, since if a potential hacker gets access to modify your files, the hacker might as well also change the checksums accordingly.
192
answered May 17 '26 10:05
It does not add security. It does however add the ability to check whether the file downloaded was corrupted during the download process.
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
