One thing people forget is that Orkut just like any other web-based service store the password in encrypted format and just not possible to figure out the password even with the help of employees who are working there. How is it possible? Without going into technical details, let me explain things in a simple way.
When you register for a web based service you provide the password; one thing most trusted websites does is that it encrypt the password provided by you. The encryption is not reversible ie no one can decode the string back to the original format.
Suppose you have the password “MyPassword” this password is stored in the Orkut (or any other server) in encrypted format… something like – MyPassword => khkjhd877e8q78e8634but3874@63. There are several encryption techniques available like MD5, SHA etc. These encryption algorithms are not reversible ie you can convert MyPassword to khkjhd877e8q78e8634but3874@63 but khkjhd877e8q78e8634but3874@63 can’t be converted back to MyPassword.
When ever you enter the user name and password, the website convert your password into Md5 or sha or what ever it is and cross check. So not even an Google employee can retrieve your password. Well, it can be reset.
Orkut passwords could be compromised only if you are :
- Using a computer with a keylogger installed
- Using a computer affected with some Trojan or virus
- Using other websites where you have used the same password, which is not encrypted
