Menu
Im searching for the most secure (but yet doable) way of password management in a web app.
Right now, I save the password as hash. The DB account of the app is restricted to excecution of stored procedures and I authenticate users by giving the username and the hashed password to a stored procedure that returns 1(true) or 0(false).
So there is no chance of getting the password from the server, even if you have the DB account of the app. Thats what i like about this solution. But to use this, the client has to submit his password over the web, or at least a static hash that could be catched.
So I came to idea of using a handshake like this:
Using this handshake makes it possible to check the password without sending itself or a static hash of it. Just a dynamic salted hash, that is different each time the user logs in => Highly secure.
But for this handshake i need the password or at least the hashed password from the DB. But this enables someone to get at least the hashed password and bruteforce it outside the app.
What would you prefer? Keeping password inside DB and make anything there(secure server), or get it out of DB and do it outside(secure transmission)?
Thanks in advance, Marks
445
Hashing is a one-way process that converts a password to ciphertext using hash algorithms. A hashed password cannot be decrypted, but a hacker can try to reverse engineer it. Password salting adds random characters before or after a password prior to hashing to obfuscate the actual password.
Note that most modern hash algorithms, such as bcrypt and Argon2id, salt the password before they get hashed to protect passwords from hash table attacks and slow down dictionary and brute-force attacks. Don't use the username as the salt.
A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords.
Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them. Salting prevents hackers who breach an enterprise environment from reverse-engineering passwords and stealing them from the database.
Your proposed solution does not really solve the problem. The server has to know the password nevertheless, so it had to be transferred at some point in plain, which was what you wanted to avoid in the first place. This way you only avoid the password being sent again every time, but if someone caught it the first time it was transferred?
I think you should not reinvent the wheel :-) Use SSL for all connections and then your first solutions works fine. You can even perform the hashing on client side, so only the hash is sent over the secure channel. Your server will never know the password, and it doesn't have to.
107
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
