phpass HAVE BEEN CRACKED! What is the solution? / Forums / Community / EllisLab

Forum Logo

4 of 4

phpass HAVE BEEN CRACKED! What is the solution?

Posted: 03 October 2010 11:50 AM

[ Ignore ] [ # 46 ] [ Rating: 0 ]

Joined: 2010-09-06
15 posts

After reading this thread, and seeing that after the developer does his part, the user still needs to pick a decent password in the first place, I found this: http://www.passwordmeter.com . Maybe some of the rules it checks for can be put into your password form, and require a user to get xx% before allowing registration or password change. It’s javascript, and GPL licensed.

Kevinlaan

Posted: 03 October 2010 03:32 PM

[ Ignore ] [ # 47 ] [ Rating: 0 ]

Joined: 2010-10-03
1 posts

Thats the reason why you should use a SALT on your password.

In that way it is IMPOSIBLE to crack!

$password = $_POST[‘pass’];

$encryptpass = $password . ‘saltkey’;

$encryptpass = md5($encryptpass);

OR what do you think?

WanWizard

Posted: 03 October 2010 04:03 PM

[ Ignore ] [ # 48 ] [ Rating: 0 ]

Joined: 2008-11-04
4404 posts

For ExiteCMS I even do double hashing:

// generate a random salt for this password
users->salt = md5(microtime(TRUE));

// create the new password hash
$users->password = md5(md5(set_value('newpassword')).$users->salt); 

Signature

Me: WanWizard.eu | My company: Exite | Datamapper: DataMapper ORM

slowgary

Posted: 03 October 2010 06:52 PM

[ Ignore ] [ # 49 ] [ Rating: 0 ]

Joined: 2009-03-21
679 posts

WanWizard,

Hashing twice is worse than hashing once. It increases the chance of a hash collision.

Dennis Rasmussen

Posted: 03 October 2010 07:01 PM

[ Ignore ] [ # 50 ] [ Rating: 0 ]

Joined: 2010-09-17
606 posts

Slowgray is right about that.
Instead of doing more than one hash, use complicated salts and/or add in some concat/replace/encrypt/etc and only hash once with md5, sha512 or another algorithm.

If you hash the string more than once you may end up having more than one of the same results (collision).

Signature

I love lasagne!

WanWizard

Posted: 04 October 2010 03:53 AM

[ Ignore ] [ # 51 ] [ Rating: 0 ]

Joined: 2008-11-04
4404 posts

It’s been there for the last few years, when rainbow tables came in fashion.

Getting rid of it is quite difficult, because rehashing would require you to know the password. Can’t break running sites, or reset all users passwords.
i’m thinking about doing this using sha1() after a succesful login (then I have access to the plain text password). I could use the length of the field to determine which method I need to be able to validate the password.

Another item on my very long todo list…

Signature

Me: WanWizard.eu | My company: Exite | Datamapper: DataMapper ORM

echoDreamz

Posted: 04 October 2010 04:10 AM

[ Ignore ] [ # 52 ] [ Rating: 0 ]

Joined: 2009-07-15
83 posts

WanWizard - 03 October 2010 08:03 PM
For ExiteCMS I even do double hashing:
// generate a random salt for this password users->salt = md5(microtime(TRUE)); // create the new password hash $users->password = md5(md5(set_value('newpassword')).$users->salt);

Do you store the salt somewhere? How do you compare the stored password against the one currently entered? since microtime() changes, the generated MD5 hash would never been the same even with the correct password.

WanWizard

Posted: 04 October 2010 05:54 AM

[ Ignore ] [ # 53 ] [ Rating: 0 ]

Joined: 2008-11-04
4404 posts

The salt is stored in the user record at the moment, it is generated when the user record is created, or regenerated when the user changes the password.

We thought about storing the salt elsewhere, but imho the benifit is negligible, if a hacker can get in to the level that he has access to the database tables, he probably has access to all other data as well…

This is the code used in the local authentication module of ExiteCMS:

// attempt to get the user info
$user = $this->fetch( array('name' => set_value('auth_local_username') ) );

// a user found? then use the salt (if present) and check the password
if ( $user->id )
{
    // check if this is an MD5 or SHA1 password hash
    if ( strlen($user->password) == 32 )
    {
        if ( ! empty($user->password_salt) )
        {
            // encode the password
            $password = md5(md5(set_value('auth_local_password')).$user->password_salt);
        }
        else
        {
            // encode the password
            $password = md5(md5(set_value('auth_local_password')));
        }
    }
    else
    {
        if ( ! empty($user->password_salt) )
        {
            // encode the password
            $password = sha1(set_value('auth_local_password').$user->password_salt);
        }
        else
        {
            // encode the password
            $password = sha1(set_value('auth_local_password'));
        }
    }

    // does the encoded password match?
    if ( $password === $user->password )
    {
        // update the password to a SHA1 hashed password if needed
        if ( strlen($user->password) == 32 )
        {
            // generate a random salt for this password
            $user->password_salt = md5(microtime(TRUE));

            // create the new password hash
            $user->password = sha1(set_value('auth_local_password').$user->password_salt);
        }

        // we have a valid login. update the last_visit timestamp
        $user->lastvisit = now();
        $user->save();
    }
    else
    {
        // no match
        $user = $this->rbac->library->rbac->_dummy_user('guest');
    }
}

// user record found?
if ( ! $user->id )
{
    // no. logon failed, show an error message and signal failure
    $this->exitecms->message( $this->self->lang->line('authentication_account_unknown'), MSG_ERROR );
} 

Signature

Me: WanWizard.eu | My company: Exite | Datamapper: DataMapper ORM

PermanaJ

Posted: 06 April 2011 10:58 PM

[ Ignore ] [ # 54 ] [ Rating: 0 ]

Joined: 2008-12-10
42 posts

My friends suggest me to use character that does not exist in keyboard as a password, such as ™, —, ž, etc

but it will be hard to type in mobile device

defectivereject

Posted: 13 April 2011 05:54 PM

[ Ignore ] [ # 55 ] [ Rating: 0 ]

Joined: 2010-06-25
41 posts

Safest way I’ve found is to salt the password then use the php encrypt function, and for extra measure I sha1 that but really don’t need too as encrypt and salt is enough and recommended by f-secure

WanWizard

Posted: 13 April 2011 07:10 PM

[ Ignore ] [ # 56 ] [ Rating: 0 ]

Joined: 2008-11-04
4404 posts

Use pbkdf2() instead of sha1(). No need to encrypt, hashing is sufficient. See here for a good article on the subject.

Note that it is important to use a fairly large number of iterations. For example iOS4 uses 10.000 iterations to hash passwords.

Signature

Me: WanWizard.eu | My company: Exite | Datamapper: DataMapper ORM

Flatline

Posted: 21 June 2012 11:01 AM

[ Ignore ] [ # 57 ] [ Rating: 0 ]

Joined: 2011-10-13
4 posts

I know this thread is old, but I just wanted to suggest something that I haven’t found here and have your opinion.
The most secure methods are at risk when the hacker is after only one password and not the whole users table. Or, in lack of a target, I’d concentrate in the first records as, odds are, one (or more) of them is the admin.
A rather extreme, but very useful method is what Google and Steam do: two-factor authentication. Basically, after a successful login, send a unique token to the user’s email or phone, have him enter it on the site, and remember it for 30 days or so. Is extremely unlikely for an attacker to have access to that unique code, and, if so, probably won’t store cookies during the attack, prompting for the token each time.
You can do it as I described, by sending an email, or send it to the users phone using DUO Security API (if you can afford it - http://www.duosecurity.com/ ) or building your own mobile app.
I found this to be a very good security method when used along with a good hashing algorithm + random salt. What do you think?

4 of 4

First