-
Notifications
You must be signed in to change notification settings - Fork 140
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Insecure User Password Storage #133
Comments
thanks @kyRAD - great suggestion - happy to have this implemented in SI - just needs to be able to migrate old user passwords |
http://stackoverflow.com/questions/12459896/password-compat-for-older-php-version https://github.com/ircmaxell/PHP-PasswordLib ----- Original Message ----- SI uses MD5 hashing to store user passwords in database as per save.php#L46. Not only is MD5 for password storage bad practice as MD5 is considered extremely insecure, but SI does not even add a salt to it, which makes it even worse. See this post for a concise explanation on how to securely store a password. SI should be using a secure hashing library instead. PHP 5.5 has introduced password hashing functions which should be used. In the case a user does not have that version they can use the compatibility library made by the author of the PHP function which can be found here. Since such a change, which is definitely needed would break existing passwords, there would have to be a conversion done. If a login is successful using the MD5 stored password then that submitted password should be hashed then using password_hash() and then replace the MD5 hash. — |
Is this a possible fix independant of any library: http://stackoverflow.com/questions/14085421/implement-password-compat ----- Original Message ----- SI uses MD5 hashing to store user passwords in database as per save.php#L46. Not only is MD5 for password storage bad practice as MD5 is considered extremely insecure, but SI does not even add a salt to it, which makes it even worse. See this post for a concise explanation on how to securely store a password. SI should be using a secure hashing library instead. PHP 5.5 has introduced password hashing functions which should be used. In the case a user does not have that version they can use the compatibility library made by the author of the PHP function which can be found here. Since such a change, which is definitely needed would break existing passwords, there would have to be a conversion done. If a login is successful using the MD5 stored password then that submitted password should be hashed then using password_hash() and then replace the MD5 hash. — |
http://www.phptherightway.com/#password_hashing ----- Original Message ----- SI uses MD5 hashing to store user passwords in database as per save.php#L46. Not only is MD5 for password storage bad practice as MD5 is considered extremely insecure, but SI does not even add a salt to it, which makes it even worse. See this post for a concise explanation on how to securely store a password. SI should be using a secure hashing library instead. PHP 5.5 has introduced password hashing functions which should be used. In the case a user does not have that version they can use the compatibility library made by the author of the PHP function which can be found here. Since such a change, which is definitely needed would break existing passwords, there would have to be a conversion done. If a login is successful using the MD5 stored password then that submitted password should be hashed then using password_hash() and then replace the MD5 hash. — |
@apmuthu use the library I linked to above https://github.com/ircmaxell/password_compat . It's made by the author (@ircmaxell) of the PHP function introduced in PHP 5.5, and is compatible with older versions. It's the recommended one to use as it has been vouched for it's security. This library will allow you to use the PHP 5.5 functions and once you drop older support, you just need to remove the library file and your code will already be compatible. Under no circumstance should you ever create your own implementation, or use one that has not been peer reviewed. Btw the post you are asking about above is not necessarily independent of any library, it is using either using PHP 5.5+ or has a library included. Those functions would not work otherwise. You should read about the PHP password hashing functions, I linked to them in the original post. |
thanks - if we swap to new format - can we migrate old passwords? On Fri, Nov 22, 2013 at 5:23 PM, Kyra ツ notifications@github.com wrote:
|
@justinkelly the only way to migrate old passwords is at login. You need the original password to hash, and the only time you have access to that is when a user logs in successfully with the old MD5 hash. So this is what would be done:
That's pretty much he just of how the password "migration" would go. |
@kyRAD thanks- this is prob the best migration strategy - anyone interested in coding this? |
@justinkelly I can do it. I already have an understanding on how to do it, and how to do it securely so I'll just go ahead and do it. I'll see if I can get it made within the next two weeks or so as time permits. I'll post the code when done so can be peer reviewed. |
@kyRAD awesome - thanks so much!!!!!!!!!!!!!!!!!!!!! |
I just found this recommendation about migration on http://php.vrana.cz/ukladani-hesel-bezpecne.php (Czech version only) Tried to translate: Scrypt should be part of Zend Framework since 2.1, more here: |
I HIGHLY recommend against using the built-in implementation of scrypt from ZF2. I don't recommend scrypt in the first place for general password storage, but in the event that you do use it, do NOT use the PHP implementation of it. It is several thousand times slower than the C implementation (due to implementing crypto primitives in PHP), and therefore would leave you at significant risk of under-protection. Instead, you can adapt the algorithm to use bcrypt instead:
That's the basic logic involved, and will be significantly more secure than going with scrypt (and by migrating, you're not stuck with a legacy algorithm for all time)... |
Ok, I understand that Scrypt PHP library would be too slow and it could be strange to wait more than second to respond during login. In quoted article by Jakub Vrána there are mentioned three so called slow hash functions: Bcrypt, PBKDF2 and Scrypt. I just translated example with the last one, but it would also work with others. As I understand it the key idea of the article is: Anyway I don’t see it as the biggest security issue for Simple Invoices. What is an average number of users? Somewhere from one to five? I’m not sure, but to me there is bigger issue that SI isn’t prepared for two installations on the same domain. If you successfully log in to first folder you can then switch address and work with second installation. No username or password check even happen. |
@michelinium can we migrate from md5 to bcrypt bcrypt seems to be the favoured method around at the moment |
SI uses MD5 hashing to store user passwords in database as per save.php#L46. Not only is MD5 for password storage bad practice as MD5 is considered extremely insecure, but SI does not even add a salt to it, which makes it even worse. See this post for a concise explanation on how to securely store a password.
SI should be using a secure hashing library instead. PHP 5.5 has introduced password hashing functions which should be used. In the case a user does not have that version they can use the compatibility library made by the author of the PHP function which can be found here.
Since such a change, which is definitely needed would break existing passwords, there would have to be a conversion done. If a login is successful using the MD5 stored password then that submitted password should be hashed then using
password_hash()
and then replace the MD5 hash.Nice video : https://www.youtube.com/watch?v=8ZtInClXe1Q
The text was updated successfully, but these errors were encountered: