From Seo Wiki - Search Engine Optimization and Programming Languages
| This article needs additional citations for verification.
Please help improve this article by adding reliable references. Unsourced material may be challenged and removed. (April 2009) </td>
A tripcode is a means of telecommunication authentication that does not require registration. Tripcodes are most often used in 2channel-style message boards or Futaba Channel-style imageboards. A tripcode is a hashed password by which a person can be identified by others.
A tripcode is the result of input to a cryptographic hash function on the message board server, usually entered in the same field as the name. Using the common 2channel format,
Readers of the board can identify postings made by the same user by comparing tripcodes. If two people use the same user name, they can be told apart because they, presumably, don't know each other's passwords that generate the different tripcodes. This way, the names and passwords don't have to be stored in a database. As many boards use the same algorithm, tripcodes are usually consistent.
Description of the algorithm
The tripcode function works as follows:
Since this is merely a de facto standard, actual implementations vary widely. Most noticeably, many implementations substitute various characters with their HTML entities. For example, 2channel translates <, >, and " to <, >, and ". Other implementations also replace other characters, e.g. & and '. However, this behavior was likely due to a bug in the original implementation, and since each board has different behavior it should not be considered part of the algorithm. Further, some boards don't perform the Shift JIS conversion. Lastly, as a historical note, the original implementation only used the last 8 characters, but this has been fully replaced by 10-character tripcodes.
Tripcodes are not a very secure authentication method. Since the keyspace of 2channel-style tripcodes is not very large (slightly larger than 256) some boards implement a secure tripcode along with normal tripcodes. In their case another hash is used that takes a second input (typically in the form of
One of the drawbacks of secure tripcodes is that they are specific to a single imageboard or discussion board. Because of this, a user cannot verify his or her identity across multiple boards or websites unless each board happens to use the same secret salt as well as the same method of generating and displaying secure tripcodes. Coupled with the fact that it is fairly rare that a user goes through the trouble of discovering another user's tripcode string, many users opt to use normal tripcodes.