
Safe way to store decryptable passwords

I'm making an application in PHP and there is a requirement that it must be possible to decrypt the passwords in order to avoid problems in the future with switching the user database to a different system. Consider that it's not possible to modify this future system's password method and I need plain text passwords in order to have the passwords generated.

The plan is to encrypt the user's password with a public key that is stored on the server. Authentication is done by encrypting the input and comparing the results. There is NO decryption done. The private key capable of the decryption is stored off-site for later usage.

What encryption/decryption algorithm would you suggest? Are the encrypted passwords still as safe as hashing (MD5/SHA1) when you consider the private key is not available to the attacker?

Jammer asked Mar 31 '10 19:03



2 Answers

I'll rephrase Jammer's approach -

  1. Generate a public/private key pair. Hard-code the public key on your webserver. Store the private key in a physical bank locker, outside the reach of webserver/database/any developer.
  2. When a user registers, encrypt password + salt using the public key. This step is identical to using a hash algorithm. Store the encrypted password + salt in the database.
  3. When you want to verify the password, encrypt it again, and compare it to the value stored in the database.

If an attacker gets the database, he can't decrypt the passwords because he doesn't have the private key. He cannot get the private key because it is in a bank vault outside his reach. Two identical passwords will still be stored differently in the database because of the salt.

I don't recommend using the above approach because at any point of time in the future someone could abuse the private key and get access to all passwords.

But if you guarantee that the private key will always remain private, then I don't see a technical flaw.

I could be wrong, of course.

Sripathi Krishnan answered Oct 11 '22 21:10


Don't decrypt the password. If you need to change the password system in the future, add a field called storage_type (or whatever).

Then, when you need to change the passwords, you will check if it's an old password. If it is, next time they log in, you can change the password encoding. Otherwise, log in with the new system.

Macha answered Oct 11 '22 20:10
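
The migrate-on-login approach from the answer above, as an added example that is not part of the original answer. The storage_type labels, the salted SHA-1 legacy scheme, the row layout and the in-memory $users array standing in for the database are all assumptions made for illustration.

```php
<?php
// Added example. Labels and column names are assumptions, not from the answer.
const TYPE_LEGACY  = 'sha1_salted';
const TYPE_CURRENT = 'password_hash';

// Stand-in for the old scheme being migrated away from (assumed: salted SHA-1).
function legacyHash(string $password, string $salt): string
{
    return sha1($salt . $password);
}

function login(array &$users, string $name, string $password): bool
{
    if (!isset($users[$name])) {
        return false;
    }
    $row = &$users[$name];

    if ($row['storage_type'] === TYPE_LEGACY) {
        // Verify with the old method, using a constant-time comparison.
        if (!hash_equals($row['hash'], legacyHash($password, $row['salt']))) {
            return false;
        }
        // The plaintext exists only during this request: re-encode and relabel.
        $row['hash'] = password_hash($password, PASSWORD_DEFAULT);
        $row['salt'] = null; // password_hash() embeds its own salt
        $row['storage_type'] = TYPE_CURRENT;
        return true;
    }

    if (!password_verify($password, $row['hash'])) {
        return false;
    }
    // Same mechanism for later changes of algorithm or cost.
    if (password_needs_rehash($row['hash'], PASSWORD_DEFAULT)) {
        $row['hash'] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Constructed sample row in the legacy format.
$users = ['alice' => [
    'storage_type' => TYPE_LEGACY,
    'salt' => 'a1b2c3',
    'hash' => legacyHash('correct horse', 'a1b2c3'),
]];
var_dump(login($users, 'alice', 'wrong guess'));   // failed login: row stays legacy
var_dump(login($users, 'alice', 'correct horse')); // successful login: row is upgraded
var_dump($users['alice']['storage_type']);
```

Rows for users who never log in again stay in the legacy format, so the old verification path has to remain until those accounts are reset or retired.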