2

Certain sites (e.g. banks like Halifax and Barclaycard) will prompt the user for specific letters of their password. But if the user's password is salted and hashed then I can't see how the individual letters can be used. So either the password is not hashed or there is another process at play. Possibly each individual letter of the password is salted and hashed, but that doesn't seem particularly secure.

Can anyone explain what authentication model is being used here? Given that this is fairly common place, I must assume that there is a trusted model to support this practice.

Edit: The best answer I have found is actually on security.stackexchange.com 'How do some sites (e.g. online banks) only ask for specific characters from a password without storing it as plaintext?' so I will also vote to close my question.

Community
  • 1
  • 1
Digbyswift
  • 10,310
  • 4
  • 38
  • 66
  • I hope you’re not considering using that model for your own project. – Gumbo Mar 01 '13 at 11:22
  • No not yet, but given that it exists in the situations I describe, it would lead me to believe that there is a robust model behind it. And because of this, I would like to know if it is a viable option and how this works, preferably from someone who has implemented it. – Digbyswift Mar 01 '13 at 11:30
  • Oh, you shouldn’t assume that! Even although it is used by seemingly big companies, they still may be wrong. I mean, if you’re being asked for only three letters of your password, the password to get access to your account is also only three letters away, no matter how long your actual password is. – Gumbo Mar 01 '13 at 11:39
  • True, I totally agree, although attempts are usually restricted and different sessions will require different letters. But _is_ there a robust/secure way of storing a password and doing this? – Digbyswift Mar 01 '13 at 11:58

1 Answers1

1

Your trust is potentially misplaced. Salting doesn't prevent a brute force attack, only the use of rainbow tables. If you salted each individual character then this would be trivial to crack. Similarly salting and hashing each combination of four characters would also be trivial to crack by brute force. Your password is almost certainly stored unencrypted.

This isn't as bad as it sounds, hashing is only useful to stop people who get hold of the contents of the password database. If people get access to your banks password database then you most likely have other problems. For example, they probably wouldn't need your password to transfer money.

If you think about it there is no possible way of doing this securely. If you have some oracle that will take 1 second to validate four characters of a password (each of which could have, say, 36 possible values), then you can crack four characters after an average of 839,808 attempts, which would take 10 days. If the password is 12 characters long it would take a month to crack it entirely. Logging on takes much less than 1 second.

jleahy
  • 16,149
  • 6
  • 47
  • 66
  • Do you know for certain that this is the case? I would be amazed if the financial institutions were storing our passwords unencrypted, even if the access t the databases were nailed down. Don't forget that many of the security breaches in past years have actually involved data being taken off-site. – Digbyswift Mar 01 '13 at 11:25
  • I don't know this for certain and you're unlikely to find anybody who does. No bank would tell anybody how they did this in case they received bad press as a result. What I'm trying to say is that it's mathematically impossible to do it better. If you can perform that query in an efficient manner then so can an attacker, meaning he can crack four characters at a time. – jleahy Mar 01 '13 at 11:40
  • @Digbyswift I've edited my answer to reinforce that exact point. – jleahy Mar 01 '13 at 11:46
  • Thanks for the info and expanding on your answer. – Digbyswift Mar 04 '13 at 08:48