Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Public Safety Announcement: On the subject of password security
by
Man From The Future
on 21/06/2011, 21:13:10 UTC
Quote from: garethnelsonuk on June 21, 2011, 06:26:02 AM
Quote from: Man From The Future on June 19, 2011, 08:36:43 PM
Please, service providers...  Use the best possible solution available!

If you can use multiple SHA512 hashes with each different unique salts form different sections of passwords... do it! If you can run that same thing 5 passes... do it!

Don't just go with MD5 + usalt because "no-one will ever get the database". Always prepare for the worst case scenario. HAve graceful hash updates! If a better hashing method becomes available, make users reset their password! (Or have it be done automatically on log in using submitted password for 30 days, and after that time, require reset.)

Thanks for listening, do shout at me if you think this is stupid advice! Smiley

You're doing it wrong - making people change their passwords every 30 days results in them running out of quality passwords OR them writing their password down.

Multiple hashes? If you want to be paranoid that's also the wrong way to go about things, you should use a system like bcrypt and make sure it's slow enough that GPU bruteforce is a no-go.

Partition the database too, don't have one big MySQL database with full perms which every part of the site has access to - one exploit on any part and it's game over. Limit it tightly, VERY tightly.

Even the human factor can be mitigated - don't give access to EVERYTHING to EVERY employee, restrict things tightly.

Use whitelists, not blacklists.

You're right, I am doing it wrong - I've only attempted to do it better than large companies do it - which turns out to be completely rubbishly! Cheesy