I've got an old application that has user passwords stored in the database with an MD5 hash. I'd like to replace this with something in the SHA-2 family.
I've thought of two possible ways to accomplish this, but both seem rather clunky.
1) Add a boolean "flag" field. The first time the user authenticates after this, replace the MD5 password hash with the SHA password hash, and set the flag. I can then check the flag to see whether the password hash has been converted.
2) Add a second password field to store the SHA hash. The first time the user authenticates after this, hash the password with SHA and store it in the new field (probably delete their MD5 hash at the same time). Then I can check whether the SHA field has a value; this essentially becomes my flag.
In either case, the MD5 authentication would have to remain in place for some time for any users who log in infrequently. And any users who are no longer active will never be switched to SHA.
Is there a better way to do this?
You cannot - they're not different "formats", they're entirely different hash functions.
As a general rule, MD5 is a hashing function, not an encryption algorithm. It's not possible to recover MD5 encrypted passwords to store them with another method. So, there is no way to directly convert MD5 hashes to their SHA256 equivalent.
The MD5 cryptographic algorithm is not reversible, i.e. we cannot decrypt a hash value created by MD5 to get the input back to its original value. So there is no way to decrypt an MD5 password.
MD5 is a cryptographic hashing function, which by definition means that it is only computed in one direction and it is not possible to "reverse" it back to its original form.
Use SHA2() to convert the MD5 password to SHA256. It calculates the SHA-2 family of hash functions (i.e. SHA-224, SHA-256, SHA-384, and SHA-512). Let us first create a table −
Many years ago I developed an ASP.NET site, implemented Forms Authentication, and stored the user passwords as MD5 hashes. From following basic security news it's pretty obvious that MD5 is no longer useful. I see two possible plans for handling my current users. Copy old users table into new design and hash the current MD5 into SHA-512.
You lose all of the collision resistance of sha512. If md5(password1) == md5(password2), then sha512(md5(password1)) == sha512(md5(password2)). I'm not a security researcher, but since you're hashing multiple times, I suspect you would actually increase the chances of a collision (chance of md5's colliding + chance of sha + md5 colliding).
From following basic security news it's pretty obvious that MD5 is no longer useful. I see two possible plans for handling my current users. Copy old users table into new design and hash the current MD5 into SHA-512. Then when users log in I'll hash their input first as MD5 and then as SHA-512.
Essentially the same, but maybe more elegant than adding extra fields: In the default authentication framework in Django, the password hashes are stored as strings constructed like this:
hashtype$salt$hash
Hashtype is either sha1 or md5, salt is a random string used to salt the raw password and at last comes the hash itself. Example value:
sha1$a1976$a36cc8cbf81742a8fb52e221aaeab48ed7f58ab4
You can convert all your MD5 strings to SHA1 by rehashing them in your DB if you create your future passwords by first MD5ing them. Checking the passwords requires MD5ing them first also, but I don't think that's a big hit.
php-code (login):
prev: $login = hash_equals($storedMd5PasswordHash, md5($password));
after: $login = hash_equals($storedSha1PasswordHash, sha1(md5($password)));
Works also with salting, got the initial idea from here.
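The two ideas above (a scheme prefix in the stored string, and wrapping the existing MD5 digests offline) combine into a migration that also upgrades each record at the next successful login. This is an added example, not code from the original thread; the scheme names `pbkdf2_sha256` and `pbkdf2_sha256_md5`, the iteration count, and the use of salted PBKDF2-HMAC-SHA256 in place of a single SHA-2 pass are assumptions of this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune for your hardware

def _pbkdf2(secret: str, salt: str) -> str:
    raw = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt.encode(), ITERATIONS)
    return raw.hex()

def _md5(password: str) -> str:
    return hashlib.md5(password.encode()).hexdigest()

def make_record(password: str) -> str:
    """Final format, computed from the plaintext at login or password change."""
    salt = os.urandom(16).hex()
    return f"pbkdf2_sha256${salt}${_pbkdf2(password, salt)}"

def wrap_legacy(md5_hex: str) -> str:
    """Offline step: wrap a stored MD5 digest without knowing the password,
    so inactive accounts no longer have a bare MD5 digest in the table."""
    salt = os.urandom(16).hex()
    return f"pbkdf2_sha256_md5${salt}${_pbkdf2(md5_hex, salt)}"

def verify(password: str, stored: str):
    """Return (ok, replacement). replacement is a new record to store, or None."""
    try:
        scheme, salt, digest = stored.split("$", 2)
    except ValueError:
        return False, None  # malformed record
    if scheme == "pbkdf2_sha256":
        return hmac.compare_digest(_pbkdf2(password, salt), digest), None
    if scheme == "pbkdf2_sha256_md5":   # wrapped legacy digest
        candidate = _pbkdf2(_md5(password), salt)
    elif scheme == "md5":               # unmigrated, unsalted legacy digest
        candidate = _md5(password)
    else:
        return False, None              # unknown scheme: reject
    if not hmac.compare_digest(candidate, digest):
        return False, None
    # Correct password on a legacy record: hand back a record without the MD5 step.
    return True, make_record(password)
```

The caller writes the returned replacement back to the user's row; once every row carries the `pbkdf2_sha256` prefix, the two legacy branches can be deleted.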