I am developing an admin panel for the company I'm working at, and was wondering about something. I want to increase the experience for the employee. I want them to be able to connect to their email by entering the login credentials, and then read the emails inside the admin panel. What I need help with is this:
If I establish an imap_open connection, I need the password in plain text (as far as I know). I can't safely save the password in the database knowing that it would be a catastrophe if a hacker got their hands on the data.
Basically, I want to:
Create an imap_open connection with an ENCRYPTED password. Preferably as bcrypt.
Do any of you know how to do this? I've searched on google, and even seen some other questions on stackoverflow, but I can't seem to find an answer to the question. I would NEVER save the password as plain text. And just using a COOKIE or SESSION seems cumbersome.. for the admin to login to their email all the time, when all I want is for the email to load for the appropriate admin account when logged in.
If I'm understanding correctly, you want to:
store the user's password securely on their machine
use it to connect to the mail server
download email
Storing the user's password in plaintext is clearly a no-no. There are different ways you can handle this. The application could actually request the password from the user, which is an easy but not very convenient solution.
Usually passwords are stored using one-way hashing schemes such as SHA256 or bcrypt, but that means that you can only check whether a password matches them; you can't retrieve the password and send it elsewhere. So you have to turn to symmetric key encryption. You store the encrypted password somewhere (in a database), and when you need it you retrieve it, decrypt it, and send it over your IMAP connection. The problem with encryption is that it relies on a key, which may be compromised at some point, but hashing is not an option if you need to retrieve it.
The other thing to note is the risk in sending the password in cleartext. This is very much taken care of if your server uses SSL.
Yes, of course AUTHENTICATE PLAIN encodes a password. But servers which support admin access allow you to encode the admin's password along with the user's name so you can access the user's account.
$login_str = sprintf("%s\x00%s\x00%s", $user_name,$admin_name,$admin_pwd);
$login_str = encode_base64("$login_str", "");
When you use the encoded string in an AUTHENTICATE PLAIN login you are given access to the user's account. And you don't need the user's password.
If you do this with AUTH PLAIN...
sprintf("%s\x00%s\x00%s", $user_name,$user_name,$user_pwd);
Then you get access to the user's account. But supplying admin credentials seems to do what the OP wants to do without storing passwords.
If your IMAP server supports admin login via AUTHENTICATE PLAIN then you don't need the user's password to access his mailbox.
Many IMAP servers support this, for example Dovecot, CommuniGate, Zimbra, to name three off the top of my head.
Related
I am currently programming a WebApp in which I need to use an API from a large company. I need to store my users' data for accessing the API somehow. How can I store my users' API keys in my database without them being used in case of a data leak?
I want the password to be linked to an account so that the user only has to enter the password once, even if they access the WebApp from different devices?
To be precise, I would need to store a username and password that can be associated with an account.
If i would encrypt the Password somehow i would really like to do it in PHP, so that everything is happening on my Servers.
I thought about encrypting the data for the API with the User Password of my WebApp but even with that i don't know how i would do that in PHP.
Addition 02.11.2022
The API (which is a school-timetable-app) doesn't use Keys, it uses the Login Credentials (Password and Username), with which the users even login to the application. The API is just an readout of the school-timetable-app.
Let's say I have a MySQL database with thousands of user accounts in it. These accounts contain lots of data, but for verification purposes, they each contain a username and a (hashed and salted) password. Now, when a user requests signing in, I will take a username and password from them, transfer it via WSS to a Node.js server then transfer it via HTTPS to a PHP file on another server. On that server I will look up the username in the MySQL database, and if I find an account, I will hash the password and see if it matches that username's password. If they both match, then I want the PHP file to create a "verification token" of sorts, save it (and associate it with the account verified) and send the token back to the Node.js server. I then want the Node.js server to send that token back to the client and for the client to save that token. Now the next time the user connects to the Node.js server via WSS, I want the client to check for an existing token, and if it exists I want it to send that token via WSS to the Node.js server, the Node.js server to send that via HTTPS to a PHP file, and that PHP file to see what account that token belongs to, and complete the sign in...
So I guess my first question would be: Is this a good model? Would this be a good idea, and would this be secure, or should I do this differently?
My second question is: What would be the best way to go about generating this token? Should it be completely random? Should it be a combination of letters+numbers? Should it be a hash of some random values? How should I go about the generation of this "token"?
To clarify, I'm not asking how to build a server or make requests or transfer data or anything of that sort, I'm merely asking what is the most secure way to generate a "token" that can be used as authentication to the same degree that a username+password can be used.
Thanks in advance! I'm sorry if this is a really stupid question.
I think you are describing a JWT. There are several packages implementing this in PHP.
I am using Instagram API by mgp25.
Here, you can gain access to the IG api via "logging in": the API (in php) requires a password and account id to be in plain text format when gaining the access.
Here is the setup that I have:
I have a site where there are users and the site has IG API integration. These users can input their Instagram User/Password (not the user info to log into the site) to gain access to the API.
However, these API only accepts plain text for password (since the password will then be verified within the IG server).
Problem:
The problem that I am having is the password security. Obviously I can't store the IG password as plain text, but if I hash them, it can't be used to login to the API either (as it is one-way only).
Methods:
I can only think of encrypting the password (not hashed) and decrypt them when needed. However, I can see a few issues with that approach as well.
I wanted to ask you guys what you guys think of the best way to address this issue.
(note. The official IG API has some limitation and are only allowing official business partners to have more functions which I need them. So the API by mgp25 is the only viable option at the moment).
You could require the password only once. The private API will save the cookies / session forever and you do not need to do a login again.
So this way you don't have to store passwords and, if for some reason the user is logged out, then you ask for password again. Does it make sense?
I'm developing a mail client in PHP for a customer, and they want the ability to handle all of their various email accounts from this single client.
The user should not have to type all passwords every time he wants to use the service, and thats my problem. Is there a way to retrieve and send mail through Gmail without entering the password to the mail account? Is there some other way? Or must I save the passwords in my database with some encryption and decrypt it with a "hidden" key?
https://developers.google.com/google-apps/gmail/ Read the OAuth section.
OAuth gives you a token, instead of a password. Even if the user changes his gmail password, said token would allow you to access his inbox and such.
As for Hotmail... i think no OAuth API is out there, sadly.
Read this just in case:
http://msdn.microsoft.com/en-us/library/live/hh826535
Authentication with the email server will need you pass the password, so you are right about the crypt and decrypt mechanism (a cipher) for storing it in the database of your application. That will prevent email passwords be readable if someone gets your data, but you will need to be carefoul in how application stores the key to decrypt. Here are some extensions in PHP for ciphers http://www.php.net/manual/en/refs.crypto.php
I will have username and password of gmail I want to develop an application in which i have an login in my site.When i do login in my site . I must get automatically login into gmail.There must be a link when the user clicks on the link he must be automatically get login into the site. I will demonstrate it with am example
Username:XXXXX Password:XXXXX
Click here to go to gmail
It will be something like above on my Website. When user enters the Username and password And gets login and if he clicks on the link.He must be able to see his gmail account.I mean to say he must be login to gmail.
This is a terrible idea, in order for your system to even attempt to log on to gmail - you would have to have access to your users' password in plain text format at some point.
That means, the password would either be stored as it is or you'd have to use an encryption function rather than hashing one to save the password within your db. At some point, you'd have to decrypt and send plaintext password for gmail logon.
So why not reverse the logic? Why not have the user logged on to your site if they are logged on to gmail? Mechanism for doing such a thing exists for years, it's called OpenID and even SO uses it. I suggest reading up on that rather than potentially screwing up someone's data with poorly designed system.