This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
what is best possible way of salting and storing salt?
Improve password hashing with a random salt
Assuming that using a correct algorithm for password hashing and generating different salts for each password...
Is it a security risk to store salts separately from password hashes? For ex. in a database table, storing password hashes in one column, and password salts in a separate column?
I saw strategies where the salt is embedded into the password hash itself, by using a specific algorithm. Later on the salt can be extracted from the password hash. Is this more secure?
From everything I have ever read and done, there is nothing wrong with storing the password hash and password salt in separate columns, and that is the most common way to do it.
The basic method for authentication should go something like this:
Retrieve user_id and password_salt using user supplied username or email
Concat user supplied password input with retrieved salt
Use hashing algorithm on combined string
Check created hash against the hash in the database
Related
This question already has answers here:
How do I convert password hashing from MD5 to SHA?
(7 answers)
Closed 11 days ago.
I would like if it's possible to change the hashing method for an already hashed password. For example:
$password_input = '123456789';
$hashed_password = md5($password_input);
// The output would be 25f9e794323b453885f5181f1b624d0b
The result was made with the following online tool:
https://helloacm.com/md5/
The next step would be insert the hashed password into the database. When I do this the given hashed password will be in the users table. If I select that password, can I change the md5 hash by a sha-256? For example:
$md5_password = '25f9e794323b453885f5181f1b624d0b';
$sha256_password = hash('sha256', $md5_password);
If this would be possible, would it break the login function? I mean if I use password_verify method, will it return true?
You will not get password back from md5, you can't unhash one way hash algorithms.
What we do - incorporate re-hashing in login flow.
User logins to your system with old hash password
You detect, that this user needs re-hash
While still having sent plain text password you hash it with new algorithm and save to database
Next time user logins with newly hashed password without problems
This question already has answers here:
How does password salt help against a rainbow table attack?
(10 answers)
How can bcrypt have built-in salts?
(5 answers)
Password hashing, salt and storage of hashed values
(4 answers)
Closed 3 months ago.
I am wondering about how password_verify() verifies the hash, I have reviewed the documentation and many answers in StackOverflow, but I didn't get the idea
because, as I understood, this function will compare the hash with entered password after hashing it again, and use the same salt and cost and algorithm,
but the question here: if anyone can separate the salt from the hashed password, then anybody also can try to use rehash and try to match, and the salt will be useless here. Am I right, or what?
The salt have to be generated randomly each time the fonction is used (and it's what this function does, and not accept custom salt anymore).
For example:
<?php
$password = "nothing";
echo password_hash($password, PASSWORD_DEFAULT);
echo PHP_EOL;
echo password_hash($password, PASSWORD_DEFAULT);
Give the response :
$2y$10$mdJRjsoc1vR11SKa2JDyS.qSlxja/a0SUPuXC1NKsRLkzmayKwjku
$2y$10$H2th6dRY/i.xZzXSGxDZ1uaiwZx6s0.FM0NXcBcBQ0E2aNEHCJ57m
It's the same password with differents results.
The hashed password is stored in a database or a file. In this case, an admin system (or someone who's hacked the database) can't say if the same password is used by differents users. Another point, rainbow tables can't be used with hashed password with salt. Only brut force can be done.
Using the same salt for all is not more secure than using simple hash algorytm.
This question already has answers here:
Secure hash and salt for PHP passwords
(14 answers)
Closed 8 years ago.
I have read tons of questions and tutorials about encrypting a password, and while I've learned a lot, nowhere did I find an answer to this.
I want to use crypt() for hashing a password that I will store on Database. I also know I need to use a salt so it works properly, and I've read that the best way to generate a random salt is by using this or something similar.
If I understood correctly the process is this:
User enters a password
Random create a salt
Hash password and salt
Store result in database
But then how do I recover the salt when user tries to login?
User enters his password
I somehow add his own unique randomly generated salt
Hash both of them together
Compare it to hashed salted password stored in Database.
In a few questions I've found, one of the answers was to store the randomly generated salt on the database. But I thought the whole purpose of salting was to be more secure, if an attacker got access to my DB he would see the 'salt' fields and even if my passwords are encrypted he would gain easy access to accounts.
Other answers said that the 'salt' is prepended to the password when using crypt() so there is no need to store it in a separate field. My question is, how do I get access to it? Is there some function that does this and I'm totally missing?
You store the salt in your db, along with the hashed password, i.e. hash(salt+password).
If your database gets compromised and someone gets all the hashes and the salts, they cannot run a rainbow table attack against your hashes - they will need to brute force each hash. With a good hashing algorithm, the brute force attack is unfeasible.
What is a rainbow table attack?
Lets assume a generic hashing algorithm, hash(f).
I, as an attacker, precalculate common passwords (f) and their hashes (hash(f)). Now, when I get your unsalted database of hashes, I just need to look through your database for hashes that match my precalculated table (rainbow table).
For example, if my rainbow table stores that for f = qwerty, hash(f) = someRandomHash, I look through your database for someRandomHash and as soon as I find it, I know that user's password is qwerty.
However, if you salted your passwords, when a user set his password as qwerty, you calculated his hash as hash('saltqwerty), which means, you did not calculate his hash as someRandomHash but instead as someRandomSaltedHash. This renders my rainbow table completely useless.
I am left with no choice but to brute force your table. I know the salt, but I don't know the password, so I have to calculate hash(salt+password) for every possible permutation and combination of password. With a slow enough hashing algorithm, this can take centuries (worst case).
How do you login a user?
User submit his user_id and password. You query the database for the salt for that user. Then you compute hash(salt+password) and compare against the hash stored in your database.
You can safely store a hashed password and a salt in the same database - the idea is that since the salt is different every time, even the exact same passwords will be stored differently in the database, which virtually eliminates brute-force lookup weaknesses associated with things like md5-encoded passwords.
Out of an obvious mass confusion, if you're able to use PHP v5.5.0 or higher, password storage has become remarkably easier with the use of password_hash and password_verify.
As an additional benefit, these functions don't require you to have separate password and salt fields in your database - you can simply store the returned password_hash value and use password_verify with the clear-text password to validate.
I don't know a lot about high level security DB, but how about this?:
hashedPassword = hash(UsurID+GivenPassword)
So, at logon time, youget first the User Login, and his ID, and then the given password to compare with the hashedPassword tha is already in DB.
As I said, I dont know if this will increase security, but at least it makes all passwords differents, doesn't?
Anyway, I'm still learning too.
This question already has answers here:
Password hashing, salt and storage of hashed values
(4 answers)
Closed 9 years ago.
How to implement an algorithm for storing and comparing hashes in 2048bits for passwords with random salt for each password with PHP?
EDIT 1:
I guess I was not clear enough in my question. What I mean is that I will not make my encryption algorithm. But how could store a password and salt. Being the random salt for each password. Well, it would not be sensible to store the salt along with the password in the database.
EDIT 2:
That would be a good approach?
1) user enters their password,
2) system generates a hash of the password,
3) system generates a password for this salt (I use time ()?)
Being the random salt, how and where could store the salt to the password? Please, I would not want to store the salt along with the password, because I think this is not so sure.
So after the stored password and the salt of the same when the user logs in, I get the password hashes stored along with the salt and compare it to the hash of the password supplied with the salt saved.
Where to save the salt?
This would be a good approach to do this?
"Well, it would not be sensible to store the salt along with the password in the database."
"Because if my database is compromised and someone has access to this data, it will have the salt for each password with each password. And that is not correct. Well I think I just would not make sense to use a salt and give it to brute force along with the password. Because it would be correct?"
These core assumptions are wrong. The point of a salt is to add a unique element to each password so two identical passwords won't hash to the same hash value. The salt is not secret. I repeat: the salt is not secret. The secret is the password, the salt just adds the uniqueness. An attacker will have to brute-force a password by trying every possible combination of characters and comparing the result to the hash value. If he also knows the salt, he will still have to do exactly that.
If the attacker successfully brute-forced the password "foobar" without salt, he has brute-forced every password "foobar". If you add a unique salt and the attacker successfully brute-forced the password "foobar" + salt, he has only brute-forced that one password. He'll have to attack every other password "foobar" separately, since they all hash to a different value, thanks to the unique salt.
That is the point of a salt. Yes, it would be even better if you could keep the salt secret as well, since then the attacker would have to essentially brute-force a value many times longer. But that's infeasible, since you need access to the salt to confirm the password as well. If you need to have access to the hash and salt, then an attacker who has access to the hash likely also has the same access to the salt. It also does not detract from the security if the attacker has access to the salt.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Secure hash and salt for PHP passwords
Is this a secure way to encrypt the passwords to store in a mysql database:
md5(sha1($password))
Thanks.
What you are doing here is hashing, not encrypting.
Hashing has the purpose of not storing the password itself in the database, so that if the database is stolen the attacker will not gain knowledge of all user passwords.
Hashing should be used in conjunction with salting the hashes, because otherwise it will be relatively easy for an attacker who has gained access to the database to crack the weak passwords stored there.
Also, hashing the same input twice (as your example does with md5 and sha1) does not offer any significant benefit.
Generate random salt for each password and compute password digest with HMAC-SHA1. The salt is used as key and password is used as message. The salt and digest are stored into database.