Is it possible for hackers to decrypt ASP.NET Membership password?

Question

I am implementing ASP.NET Membership, using default SQL Provider, default web.config settings.

I notice that passwords are hashed. But I don't know how asp.net hash my passwords, so I am not sure whether it is possible for a hacker to decrypt this?

If asp.net use the same rule to hash password, which everyone knows. than a hacker can easily crack it.

for example. If asp.net use MD5(123456), which result is "E10ADC3949BA59ABBE56E057F20F883E", then a hacker may have a MD5 Dictionary to look up this.

My settings is:

<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices"
             enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false"
             maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
             applicationName="/" />

-- SQL Statement:

SELECT am.UserId, am.[Password], am.PasswordSalt FROM aspnet_Membership am

-- The result is:

F10A635D-22DA-419C-84E6-767D2A35A010,tpeiwPt5+kFbcocQZOuc4aoHeuI=,PVq9dPtbFxze9Erbfd7HrA==

The password is 123456, it become "tpeiwPt5+kFbcocQZOuc4aoHeuI=".

Is this value always the same on different machines or different apps?

If this value has something to do with the salt "PVq9dPtbFxze9Erbfd7HrA==", is it possible for hackers to use this salt to decrypt my password?

Answer 1

To be able to answer this question, you have to understand two things: the role of hashes, and the role of salts.

The point of a hash is to distill an arbitrary string into a string of known length in a one-way process. That is, a good hash algorithm will do this in a manner such that it is a hard problem to find any string that hashes to the same value.

However, the problem is that hash algorithms always return the same result when given the same input. The point of a salt is to mitigate this problem in the event that the password database is stolen. Every time I hash a password, I generate a completely random salt, which need not be secret, and prepend it to my password before hashing it. This way, I ensure that every time I hash a given password, I obtain a different result. The reason that the random salt need not be secret, and in fact must be stored in 'plaintext' along with the hashed password, is because the same salt used to generate the original hash is required to verify, for authentication purposes, that a given password matches the hash.

Because a good salt is randomly generated every time a user wants to change a password, even re-storing the same password will almost surely create a completely different hash, as long as the application storing passwords makes proper use of salts.

If the hash algorithm is well-constructed, then the only attack possible against passwords stored with random salts is a brute-force search. Some hash algorithms like MD5 are considered 'broken', in that it is possible to find so-called 'hash collisions' in faster than brute-force time. You will want to find out which algorithm your platform is using to generate password hashes, and read up a bit to find out if hash collisions can be found for that algorithm.