Monday, September 17, 2007

Storing Passwords

Jeff Atwood:

…storing plaintext passwords in the database is strictly forbidden—that there’s a better way, starting with basic hashes.

Hashing the passwords prevents plaintext exposure, but it also means you’ll be vulnerable to the astonishingly effective rainbow table attack I documented last week. Hashes alone are better than plain text, but barely. It’s not enough to thwart a determined attacker. Fortunately, the kryptonite for rainbow table attacks is simple enough—add a salt value to the hashes to make them unique.

Thomas Ptacek:

The problem is that MD5 is fast. So are its modern competitors, like SHA1 and SHA256. Speed is a design goal of a modern secure hash, because hashes are a building block of almost every cryptosystem, and usually get demand-executed on a per-packet or per-message basis.

Speed is exactly what you don’t want in a password hash function.

1 Comment

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment