How to store passwords securely when using different authentication mechanisms
https://stackoverflow.com/questions/8238829
-
07-03-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
For a fun project I want to support the SASL Mechanisms for authentication, especially PLAIN and DIGEST-MD5.
My question is: how can I store the users' password securely if I need to support those two ways of authentication?
With only PLAIN auth it would be really easy, I just store the password with bcrypt and compare the user submitted password with the stored pw using the bcrypt_compare function.
But how can I store the password securely when also DIGEST-MD5 should be possible? Should I store the whole calculated response and use that also for the PLAIN comparison? Or is there some other way?
//Edit: Regarding the "fun"-project. At the moment it is a fun project but no one knows if it will be a non-fun project at some point. And I don't want to decrease the security just because it's a fun project..
Solution
The DIGEST-MD5 specification tells you what a server needs to store for that authentication method:
3.9 Storing passwords
Digest authentication requires that the authenticating agent (usually the server) store some data derived from the user's name and password in a "password file" associated with a given realm. Normally this might contain pairs consisting of username and
H({ username-value, ":", realm-value, ":", passwd }), which is adequate to computeH(A1)as described above without directly exposing the user's password.
...so all you need to store for DIGEST-MD5 is H({ username-value, ":", realm-value, ":", passwd }).
You could separately store a bcrypt hash to use for PLAIN authentication, or you could just use the DIGEST-MD5 value. If you stored separate values then you could allow your users to selectively turn off DIGEST-MD5 authentication, which would allow you to remove that (easily-bruteforced) information from the database for those users.
OTHER TIPS
Don't store the password in plain. Store the hash and compaire in both with the hash. You can easily get the hash with the plain password.
Here ist how to create a good hash:
function hash_password($password, $nonce) {
global $site_key;
return hash_hmac('sha512', $password . $nonce, $site_key);
}
