I have a secret recipe for a delicious pie. How hard would it be for you to make that pie without knowing the recipe?
I will even give you a hint. One of the ingredients is salt.
It might be easy for you to guess what the other ingredients are. But you would still have to bake a pie for each guess. That is a lot of extra work.
And that is exactly why mixing our password with some salt* keeps our account secure. This recipe is called Password Based Key Derivation Function number Two or PBKDF2 for short.
If you know the password, it is easy to bake the same pie again and again. If you don't know the password, guessing is easy, but baking is hard.
This idea is called "proof of work" and is important for creating and signing into a user account.
We have one last step. With public/private key cryptography, the proof of work and the private key are different, even though they are both long and complicated. Instead, we use the proof of work to encrypt and decrypt the private key.
What's encryption? Well, that is in the next video!
