
I am writing a small webserver for my house to play around with a few Java APIs I want to know better. This web server will eventually hold personal files and pictures.

I did not feel like setting up an LDAP server for authentication and was wondering how bad would it be if I just had the Java code check it directly?

Vadim Kotov
Fidel
  • The main security issue is sending a plaintext password over the internet. http://stackoverflow.com/questions/1582894/how-to-send-password-securely-over-http – NeplatnyUdaj Jan 20 '14 at 15:14
  • @NeplatnyUdaj Indeed. There's a lot to consider when deploying a network service, especially an untested one with a narrow userbase (1 person, in this case). Besides transport security (using HTTPS), a security best practice is to run your web server behind a [reverse proxy](http://en.wikipedia.org/wiki/Reverse_proxy), as it will protect you against a lot of low-level vulnerabilities – loopbackbee Jan 20 '14 at 15:30


As long as you take proper precautions not to distribute or publish your source code, having a hardcoded password is most certainly safer than having a network service validate it. There are two problems, however:

  • Keeping your source code secret may not be too hard, but you can easily forget that you hardcoded the password in the future and become careless about the source. You may want to copy it to a friend, or publish it on GitHub.
  • Having the password hardcoded means that someone who compromises your code may easily learn the password. A tried-and-true network authentication solution will not be riddled with vulnerabilities - your code almost certainly will.

A potential alternative you should consider is to keep a plain text file with the password, and read it as necessary. It mitigates (but doesn't eliminate) these two issues, and will also allow for a bit more security if your OS supports the proper file permissions and user privilege separation.

As always, avoid using a password repeatedly for different services. Since you'll have untested code facing the internet, remember to implement proper OS-level counter-measures.

loopbackbee
  • I disagree. A properly set up LDAP server will never directly reveal the password. APIs would be used to bind the user with the user's provided password and the LDAP service would return success or failure. Sure someone could hack a single user with brute force and guess a single user's password, but if they hack your password file, they get all the passwords. – jwilleke Jan 21 '14 at 11:41
  • @jeemster Please note I've tried to answer the question from a general perspective. There's no doubt that specific implementations of network services *can* be safer than specific implementations with a hardcoded password. However, all else being equal, a password-checking mechanism that is not exposed on the network has less attack surface. Finally, IMHO, the benefits of having a hashed password stored (instead of the password) are negligible if the password is *unique* and the protocol transmits the password/hash instead of using a more complex authentication mechanism (like challenge-response – loopbackbee Jan 21 '14 at 13:31
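The answer's file-based alternative (a secret read from disk, protected by OS file permissions) combined with the comments' point about storing a hash rather than the password, written out as an added Java example. This is not code from the question, the answer or any commenter; the file location under the user's home directory, the PBKDF2 parameters and the sample password are assumptions chosen for the illustration.

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.spec.KeySpec;
import java.util.Base64;
import java.util.Set;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/** Password check backed by a salted hash in an owner-only file, never a literal in the source. */
public final class FilePasswordVerifier {
    private static final int ITERATIONS = 210_000; // PBKDF2-HMAC-SHA256 work factor (assumed value)
    private static final int KEY_BITS = 256;
    private static final int SALT_BYTES = 16;

    private final Path secretFile;

    public FilePasswordVerifier(Path secretFile) {
        this.secretFile = secretFile;
    }

    /** One-time setup: derive a salted hash and write "salt:hash" readable only by the file owner. */
    public void storePassword(char[] password) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);
        byte[] hash = derive(password, salt);
        String line = Base64.getEncoder().encodeToString(salt) + ":"
                + Base64.getEncoder().encodeToString(hash);

        Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rw-------");
        Files.createDirectories(secretFile.getParent());
        Files.deleteIfExists(secretFile);
        Files.createFile(secretFile, PosixFilePermissions.asFileAttribute(ownerOnly));
        Files.write(secretFile, line.getBytes(StandardCharsets.US_ASCII));
        // Re-apply after writing: the process umask can widen permissions at creation time.
        Files.setPosixFilePermissions(secretFile, ownerOnly);
    }

    /** Called on every login attempt: re-derive with the stored salt and compare in constant time. */
    public boolean verify(char[] candidate) throws Exception {
        String stored = new String(Files.readAllBytes(secretFile), StandardCharsets.US_ASCII).trim();
        String[] parts = stored.split(":", 2);
        if (parts.length != 2) {
            throw new IllegalStateException("malformed secret file: " + secretFile);
        }
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        byte[] actual = derive(candidate, salt);
        // MessageDigest.isEqual does not short-circuit on the first differing byte.
        return MessageDigest.isEqual(expected, actual);
    }

    private static byte[] derive(char[] password, byte[] salt) throws Exception {
        KeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical location; keep it outside the web root and outside the source tree.
        Path file = Paths.get(System.getProperty("user.home"), ".homeserver", "password.txt");
        FilePasswordVerifier verifier = new FilePasswordVerifier(file);

        char[] sample = "correct horse battery staple".toCharArray(); // constructed sample password
        verifier.storePassword(sample);
        System.out.println("correct password accepted: " + verifier.verify(sample));
        System.out.println("wrong password accepted:   " + verifier.verify("wrong".toCharArray()));
    }
}
```

Because only a salted PBKDF2 output is written to disk, someone who reads the file (or a backup of it) still has to brute-force the password rather than simply reuse it, and the owner-only mode means the check relies on the OS's user separation, which is the "bit more security" the answer refers to. The transport concern raised in the first comment is unchanged by this: the password still travels in the HTTP request, so the server should only be reachable over HTTPS.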