Cryptohaze Password Security

Password Storage: You're doing it wrong if:

If any of these sound familiar, you might be doing password storage wrong. If so, there's good news: There are MUCH better ways to store passwords that are completely immune to the commonly available tools by being so computationally expensive that attacks on them are not feasible. Some things that indicate you're doing it wrong:

  • You see no reason to encrypt passwords at all - nobody will get your database!
  • You think storing md5($password) is secure.
  • You think storing md5(md5($password)) is secure.
  • You let users log in with plaintext passwords over unencrypted HTTP.
  • You wrote your own nifty password hash system that MUST be secure - nobody else uses it!
  • You think salt goes in your food, not in passwords.
  • Password Storage: Good examples

    There are good ways to store passwords, and bad ways. Here are some good password storage methods.

  • Unix MD5 (or Blowfish, or... really any modern Unix password algorithm).
  • PHPBB3
  • These combine long salt lengths, many rounds, and in the case of PHPBB3 hashes, variable round counts. This is a great way of storing passwords that makes attacks less likely to succeed.

    But my database is secure!

    Really? You'd bet your users security on that? The sad fact is that for most websites, SQL injection attacks are very common, and may not leave any trace that the entire password database has been dumped to malicious individuals. A SQL injection attack that reveals your user data is bad - don't make it worse by letting the attackers easily get your the passwords too.