I am in the process of upgrading the security level of my site.

When researching for the best method to store passwords I found the BCRYPT option in PHP 5.3. I have implemented this function to use a static SALT, however I read that each password should have a different SALT or it defeats the purpose.

Should I store the SALT in the database with the user record in plain text? Does this defeat the purpose as well? Or should I hash the salt using md5 and store it in the database?

What is the best method when implementing this and storing SALTs?

Ray
  • Take a look at the library [PHPass](http://www.openwall.com/phpass/). It offers drop-in functionality for password hashing with BCrypt and is widely regarded as a good and secure library. See also: http://stackoverflow.com/questions/1581610/how-can-i-store-my-users-passwords-safely – Jacco May 21 '12 at 09:04

2 Answers

The modular crypt format for bcrypt already contains a 128-bit salt. So unless you use an implementation that is different from that, you don’t need another salt.

Note that the main purpose of a salt is to make each input unique so that lookup-table-assisted dictionary attacks against the stored values are impractical.

Jacco reminded me that PHP’s native bcrypt implementation in crypt does not generate a salt automatically. So you have to do it on your own, for example:

// Build a 22-character salt from the bcrypt alphabet ("./A-Za-z0-9"): 19 bytes from uniqid() and mt_rand(),
// base64-encoded, with '+' swapped for '.' and the trailing '=' padding cut off by substr().
$salt = substr(str_replace('+', '.', base64_encode(call_user_func_array('pack', array_merge(array('H14N'), explode('.', uniqid('', true)))).pack('N2', mt_rand(), mt_rand()))), 0, 22);
// The "$2a$10$" prefix selects bcrypt with cost 10; $password is the user's plaintext password.
$hash = crypt($password, '$2a$10$'.$salt.'$');
Gumbo
  • The BCrypt implementation in PHP does, unfortunately, NOT auto-create a salt. – Jacco May 21 '12 at 09:02
  • @Jacco The [password_hash()](http://php.net/manual/en/function.password-hash.php) function, new in PHP 5.5, *does* auto-generate the bcrypt salt. – Andre D Sep 12 '13 at 18:54
You should create a new random salt for each user, and store it together with the hash in the database. Most bcrypt implementations already do that. If you look at the output, you'll see that it's a $-separated value containing the salt.

CodesInChaos
  • Should I encode the salt with md5 for extra security? I understand how salt and bcrypt work. I'm just confused that when storing the salt it can help with password cracking – Ray May 20 '12 at 19:41
  • Wouldn't I be able to compare the strings using $salt = md5($row[salt]); $check = crypt($row[password], $salt); if($check == $loginpass){ – Ray May 20 '12 at 19:53
  • Most BCrypt implementations auto-create a salt. Unfortunately, the PHP implementation does not. – Jacco May 21 '12 at 09:02
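Both answers make the same point: the bcrypt output string already carries its own salt, so the database needs nothing beyond that one string (a separate salt column, md5'd or not, adds nothing). The PHP below is an added example, not code from either answer; it assumes PHP 5.5 or later for password_hash(), and the sample passwords are constructed.

```php
<?php
// Added example, not from the question or answers. Assumes PHP >= 5.5 (password_hash()).
// Demonstrates that a bcrypt hash string already contains its own random salt, so the
// users table needs one column for the hash and no separate salt column (hashed or not).

function makeHash($plain)
{
    // password_hash() draws a fresh 128-bit salt from the OS CSPRNG on every call.
    return password_hash($plain, PASSWORD_BCRYPT, array('cost' => 12));
}

// Split "$2y$12$<22-char salt><31-char digest>" into its parts to make the embedded salt visible.
function splitBcrypt($hash)
{
    $re = '#^\$(2[aby])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$#';
    if (!preg_match($re, $hash, $m)) {
        throw new InvalidArgumentException('not a bcrypt modular crypt string');
    }
    return array('scheme' => $m[1], 'cost' => (int) $m[2], 'salt' => $m[3], 'digest' => $m[4]);
}

// Login check: password_verify() reads salt and cost out of the stored string itself,
// so the application never handles the salt separately.
function checkLogin($storedHash, $submitted)
{
    return password_verify($submitted, $storedHash);
}

// Constructed sample run: the same password hashed twice gets two different salts.
$h1 = makeHash('correct horse battery staple');
$h2 = makeHash('correct horse battery staple');
$p1 = splitBcrypt($h1);
$p2 = splitBcrypt($h2);

printf("cost %d, salt #1 %s, salt #2 %s\n", $p1['cost'], $p1['salt'], $p2['salt']);
printf("same password, different salts: %s\n", $p1['salt'] !== $p2['salt'] ? 'yes' : 'no');
printf("correct password accepted: %s\n", checkLogin($h1, 'correct horse battery staple') ? 'yes' : 'no');
printf("wrong password rejected:   %s\n", checkLogin($h1, 'Tr0ub4dor&3') ? 'no' : 'yes');

// When the cost is raised later, rehash on the next successful login and overwrite the stored string.
if (password_needs_rehash($h1, PASSWORD_BCRYPT, array('cost' => 13))) {
    printf("stored hash uses cost %d, rehash at cost 13 on next login\n", $p1['cost']);
}
```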