 

Why encrypt user passwords? [duplicate]

Possible Duplicate:
Why aren’t original passwords stored?

Why would one store encrypted user passwords in a database, if the password is the least valuable part of the data? It doesn't seem like it would affect external attacks; setting a limited number of login attempts per day per account would be effective. It doesn't seem like it would affect internal attacks; if someone can access the passwords, they've also got access to the more valuable data in the rest of the database.

Am I missing something here? Shouldn't the entire database be encrypted using user passwords as a key for the password encryption itself to be effective?

Combined his post below with his question:

Ok, I asked the question in a bad way. Let me rephrase this.

If someone breaks into this system, the fact that they have the user's passwords is one of the least of my concerns. I'll be encrypting passwords but in my humble opinion, the other data in the database is way more valuable. Assume that if an internal attacker has that data, they don't care about the passwords.

If nothing else in the database is encrypted and everything else in the database is what an attacker actually wants, did encrypting passwords actually solve anything?

Anonymous Coward asked Jul 09 '10 13:07




1 Answer

Because hashing passwords protects them from attacks from inside the organization. This way, people who have access to the database won't know the users' passwords.

People have a habit of using the same password over and over, and so if your database is accidentally compromised, your organization isn't the one that gets the users' other accounts compromised in other organizations. Now, should people do this? No, but they do, and it's a lot easier to hash the passwords than it is to explain to your customers why someone on the inside got hold of the passwords and caused damage to several accounts in other systems not related to yours.

If you think that this reason is too exaggerated, you might want to know that it actually happened to Jeff Atwood, Stack Overflow creator. He described how the whole Stack Overflow was compromised in his blog post "I Just Logged In As You: How It Happened".

Edit:

To further answer your question, your other sensitive data should be encrypted as well. A lot of cyber attacks are inside jobs, and I hate to say it, but you have to be paranoid about who can see what information. Anything that you deem sensitive that you don't want people to know unless they are specifically authorized to see that data should be encrypted in the database. You are right, there are times when, comparing what can be stolen, the password isn't that much of a concern to you. The key is "to you". It is to other people, and should be protected along with the other sensitive data in the system.

kemiller2002 answered Sep 18 '22 23:09