0

I was wondering if there was a method to change the way my site hashed passwords. My coder friend wasn't the smartest when he didn't add salts to the sha512 hash. So now it is very insecure and I wish to change that. I was thinking about making some complicated code to rehash when someone who has the old hash type logs in and it would set the variable to true after adding a salt. Or I could take the currently hashed passwords and somehow fuse a salt into them. I would rather not reset my user database if I don't have to. Any idea would help. I am also quite the php noob so please explain if you include code.

It is Hashed using this method.

<?php hash('sha512',"passwordhere") ?>
Darkaaja
  • 98
  • 8
  • 2
    change with every new login is your best option; or my preferred option, not bother :-), think about the worse case scenario, some on has the db, but then thy have your site, so its game over. –  Sep 10 '13 at 23:12

3 Answers3

2
  1. Alter your user table to include a 'salt' column, default value of 'NULL'.
  2. Alter your login code to check if the user has a salt:
    • If yes, compare the salted hashes and log in
    • If no:
      1. Compare the unsalted hashes.
      2. Generate a random salt.
      3. Generate your salty hash.
      4. Store your new salt and hash in the database.
      5. Continue the login process.

Of course, you will also need to update your code for registration, password change/recovery, etc.

Alternatively, instead of a 'salt' column you could put in a 'hash_ver' column and use that to determine which validation method to use and when to update the hash. That way if you wish to use a hashing method that packs the salt in with the hash like bcrypt you don't get stuck trying to figure out what type of hash you're dealing with.

Sammitch
  • 30,782
  • 7
  • 50
  • 77
  • Could you explain hash_ver? – Darkaaja Sep 10 '13 at 23:32
  • I'd just use an unsigned tinyint, default 0, and increment it every time you change the hashing scheme. Then you can add more hashing methods in the future and your authentication functions can be aware of which hash they're looking at and whether or not the hash needs to be changed when the user logs in. eg. 0=SHA512, 1=SaltedSHA512, 2=bcrypt, 3=whatever replaces bcrypt, etc. – Sammitch Sep 10 '13 at 23:37
1

Every password-storing-system must have the option to switch to a better hash algorithm, your problem is not a one-time migration problem. In the answer to this question i tried to point out the necessary steps.

Note: Fast hash algorithms like SHA-* are not appropriate to hash passwords, instead switch directly to a slow key-derivation function like BCrypt. The new PHP function password_hash() will make hashing easy (it will generate a safe salt for you), and is "future proof", also it will make switching in future possible.

Community
  • 1
  • 1
martinstoeckli
  • 23,430
  • 6
  • 56
  • 87
0
$old_hash = hash('sha512',"passwordhere");
$salt = ''; // Generate salt here
$new_hash = hash('sha512', $old_hash.$salt) ;
Kamal Saleh
  • 479
  • 1
  • 5
  • 20