I need to store hashes of passwords on disk. I am not entirely sure which hash function to use (they all seem somewhat troubled at the moment), but I am leaning towards SHA-256.

My plan is to take the user's password and combine it with their user ID, a random user-specific salt, and a universal site-wide salt. Should I concatenate these values together and then hash the single resulting string, or should I hash each separately, concatenate the hashes, and then hash that? Also, does the order (password, user id, user salt, site salt) matter? Can I rearrange them however I like, or is it a bad idea to have something that doesn't change (site salt) or something completely predictable (user id/user salt) first?

Thanks.

4 Answers

2

SHA-256 seems to be one of the better options available right now.

Concatenating everything should be fine and order isn't all that important. Just make sure that you are using a significantly long salt value.

This post has some good recommendations: What algorithm should I use to hash passwords into my database?

Kelly Robins
1

Why not bcrypt? Password hashing should be very slow, but SHA* is designed to be very fast. bcrypt is specifically designed for password hashing.

jrockway
0

Previous SO questions about this:

Password handling best practices?

What algorithm should I use to hash passwords into my database?

But to provide brief answers to your specific questions:

  • SHA-256 is a viable option.
  • You can hash the single string.
  • Order doesn't matter.
  • You don't need two salts. Just a user-specific salt is fine; the site-wide one is unnecessary and doesn't actually contribute anything.
Amber
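The points made in jrockway's and Amber's answers side by side, as an added example that is not part of any answer on this page: the questioner's single-SHA-256-over-concatenated-fields scheme, and a per-user-salted slow hash with a self-describing stored record and constant-time verification. PBKDF2-HMAC-SHA256 from the Python standard library stands in for bcrypt here (an assumption made so the example runs without third-party packages); the record format and function names are this example's own.

```python
import hashlib
import hmac
import os
from typing import Optional

# Default work factor for PBKDF2; raise it as hardware gets faster.
DEFAULT_ITERATIONS = 100_000


def naive_sha256(password: str, user_id: str, user_salt: bytes, site_salt: bytes) -> str:
    """The scheme from the question: one SHA-256 over the concatenated fields.

    It is correct as a salted hash, but it is fast and deterministic, so an
    attacker who obtains the record can test guesses at full SHA-256 speed.
    """
    data = password.encode() + user_id.encode() + user_salt + site_salt
    return hashlib.sha256(data).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex.

    Only a random per-user salt is used (a site-wide salt adds nothing).
    Storing salt and iteration count in the record lets the work factor be
    raised later without breaking verification of older records.
    """
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash from the stored salt/iterations and compare in constant time."""
    algorithm, iterations, salt_hex, dk_hex = record.split("$")
    if algorithm != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type: {algorithm}")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("Tr0ub4dor&3", record))                   # False
```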
0

Never hash hashes!!

Chris K
  • Good question - I have no idea what I was thinking at the time... Perhaps simply because if a hash is predictable, so is a hash of a hash - you still want to salt it. – Chris K Oct 22 '10 at 14:38
  • You shouldn't re-hash a raw hash (without a salt) because it will expose – jmkeyes Jan 10 '13 at 10:28