Monday, 18 April 2016

php - Salt and passwords










WARNING Don't use MD5 for passwords, use an alternative like bcrypt






For my passwords should I use salt like this (the salt will be unique to each user and not stored directly with the password)...



$salt = sha1(md5("coders gonna code"));
$password = md5($salt.$password);


or would it be okay if I just used:



$password = md5($password);



because if I used salt, even if the user makes up a bad password like password it won't matter because the salt (in this case) would be 145ac26ff093c6e1317f7d5fb4c9fd11c77be975 so the entry for there password would be 145ac26ff093c6e1317f7d5fb4c9fd11c77be975password which according to http://howsecureismypassword.net/ it would take 3 octodecillion years to crack.... so opinions? Or should I be even worse and go 



$password = md5($salt.$password.md5($salt));


If the person has gone far enough to get the salt hash, would anything be able to stop then going futher? < More of a statement this last password






To everyone who said I should do it per user... I know, this is just an example.


Answer



You should change the salt so that it is specific to each user, not a system wide constant. This will make rainbow table attacks against your password hashes much more inconvenient.



There is a good write up on the evolution of salting in this article by Troy Hunt.



Edit



$salt something unique to each password record, which adds much entropy to it. This is usually a random sequence of bytes, stored with the user account.




Hashing is traditionally done on the concatenation of salt + password. 



$passwordHash = hash($salt.$password);


As others have said, don't use MD5 for hashing. It is broken.



Applying additional proprietary algorithms to password or salt prior to hashing is not recommended. Instead, look at an industry strength solution such as PBKDF2, which, in addition to salting, also requires many (typically > 10k) repeated iterations which will further slow down an attacker.




If you adopt OWASP guidelines, the number of hashes performed should be increased regularly (to counteract Moore's Law). The number of hashes should also be persisted per user, meaning you will need to store the triple of hashed password, salt, and number of iterations.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

c++ - Does curly brackets matter for empty constructor?

Those brackets declare an empty, inline constructor. In that case, with them, the constructor does exist, it merely does nothing more than t...