Context Navigation

Changes between Version 1 and Version 2 of Ticket #1030, comment 4

Timestamp:: 02.11.2016 22:46:12 (8 years ago)
Author:: JuergeN
Comment:

Legend:

: Unmodified
: Added
: Removed
: Modified

Ticket #1030, comment 4

-                      v1
+                      v2
 Replying to [comment:2 jri]:
+> From what I understand, in DM the user enters a password which is then hashed at the client side before it is stored in the backend. Hashing the password at the client side is a good starting point, but to my understanding a bad idea, if this is the only action to protect the user account.
+>
+> My suggestion would be to store a server specific salt in a config file at the server side and to add an individual random salt per user which is stored in the database for each user. The user's password will still be hashed once the client side. To make the hash of a very weak or very short password a little bit more secure before hashing, we could prefix it with the username. Then this hash will be rehashed at the server side together with a per user random salt and the server side fixed salt prepended.
+>
+> As a result one cannot find out a user's password if any of the components is missing. Even if you have the database but not the server side fixed salt (e.g. from a database backup), you still cannot find out the user's password.
+>
+> You might also want to read this informative article on the issue:
+> https://crackstation.net/hashing-security.htm
+From what I understand, in DM the user enters a password which is then hashed at the client side before it is stored in the backend. Hashing the password at the client side is a good starting point, but to my understanding a bad idea, if this is the only action to protect the user account.
+My suggestion would be to store a server specific salt in a config file at the server side and to add an individual random salt per user which is stored in the database for each user. The user's password will still be hashed once the client side. To make the hash of a very weak or very short password a little bit more secure before hashing, we could prefix it with the hashed username. Then this hash will be rehashed at the server side together with a per user random salt and the server side fixed salt prepended.
+As a result one cannot find out a user's password if any of the components is missing. Even if you have the database but not the server side fixed salt (e.g. from a database backup), you still cannot find out the user's password.
+You might also want to read this informative articles on the issue:
+https://crackstation.net/hashing-security.htm
+https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet