0

In change_password.php, I do this:

```sql
-- Stores 5 hex characters of the MD5 of 5 hex characters of MD5($pass)
UPDATE `users` SET
`pass` = substr(md5( substr( md5($pass), 5, 5) ), 5, 5)
WHERE `userid` = $userid;
```

And in login.php, I do the checking like this:

```sql
-- Recomputes the same truncated double MD5 and compares it in the WHERE clause
SELECT * FROM `users` WHERE
`pass` = substr(md5( substr( md5($pass), 5, 5) ), 5, 5) AND `userid` = $userid;
```

Please tell me if this code is enough to protect my passwords in this time of breaking encryption algorithms.

Tom
  • 1
    `md5` is not a good method for password hashing (read more [here](http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords)) – kero Jun 12 '14 at 08:32
  • Are you not exaggerating it a bit? Using salts and substring with a hashing function should be enough. Also, md5 is an ancient hashing function. Please use e.g. `sha256` – KarelG Jun 12 '14 at 08:32
  • 2
    @KarelG No, he's not exaggerating at all. – Styphon Jun 12 '14 at 08:45
  • 1
    I'm upvoting this on principle of the asker not being an idiot and instead testing/checking his method before rolling it out. – EWit Jun 12 '14 at 10:28

3 Answers

2

No, it isn't.

MD5 is weak enough to brute force in a matter of hours with a GPU rig, and that's without truncating it! Double MD5ing is not going to add significant additional protection, and truncating is frankly unjustifiable.

You need to look at more modern schemes such as Blowfish, and at password salting.

If you think the danger of brute forcing with GPUs is being overblown, see http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/

GordonM
0

Your way is very weak. Only 5 characters from the md5 checksum, that's only something over 1 million values; all an attacker needs is to find collisions. Don't do the substr(), store the full hash, with salt, and use a stronger hashing function, like sha256.

Marek
  • Something like bcrypt is generally to be preferred over SHA since SHA is relatively fast. – Jim Jun 12 '14 at 08:48
0

In general, you do not want to try and roll your own encryption since there are many excellent algorithms out there and an algorithm that is home brewed is more likely to have bugs or weaknesses.

In your particular case the two major weaknesses are taking a substring and using md5.

Substring

Taking a substring of the md5 hash reduces the possible hashes produced by your algorithm, which increases the chance of a collision. Take the extreme case where we only use the first character of the md5 hash. We now have a situation where any password has a 1 in 16 chance of having the same hash as any other password! Worse, brute forcing this would take very little time.

Your example uses a length of 5 but this is still very easy to brute force and has a high chance of collisions. Here's output from a script that creates 1,000,000 hashes (using uniqid to generate the values):

```
Number of hashes created 1000000
Number of unique hashes 481247
Collisions 518753
```

MD5

MD5 is fast. For some applications this can be a good thing, say checking files for exact duplicates. However, for passwords this means that it's also fast for an attacker to check lots of passwords. In addition, there are a number of vulnerabilities in MD5.

Alternatives

PHP 5.5 provides a password API that simplifies generating passwords and looks easy to use (admittedly I haven't used it myself). This also takes care of choosing a strong algorithm. http://www.php.net/manual/en/book.password.php

This question has plenty of options for other PHP versions.

Jim
  • Thank you very much Jim. This type of answering is really appreciable since it elaborates 'why and what' pretty understandably. I am not a beginner to PHP, but I wanted to know why this md5 thing is more vulnerable to hackers, and your answer took care of all my doubts. Thank you once more. – Tom Jun 16 '14 at 11:15
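Added example (not code from the question or the answers): a PHP script that repeats the collision count from the Substring section against the question's own expression, then uses the password API from the Alternatives section in the change_password.php and login.php roles. It assumes PHP 5.5 or later and that the question's `md5`/`substr` are the PHP functions; the function names, the in-memory `$users` array and all sample values are constructed.

```php
<?php
// Added example; function names and sample values are constructed.

// The question's scheme read as PHP (substr is 0-indexed): 5 hex characters,
// so no more than 16^5 = 1,048,576 distinct stored values exist.
function truncated_md5($pass)
{
    return substr(md5(substr(md5($pass), 5, 5)), 5, 5);
}

// Feed $n distinct inputs through the scheme and count the distinct outputs.
function count_unique_hashes($n)
{
    $seen = array();
    for ($i = 0; $i < $n; $i++) {
        $seen[truncated_md5("constructed-input-$i")] = true;
    }
    return count($seen);
}

// change_password.php side: salted, deliberately slow hash from the password API.
function hash_for_storage($pass)
{
    return password_hash($pass, PASSWORD_DEFAULT);
}

// login.php side: fetch the stored hash by userid, then verify it in PHP.
// A salted hash cannot be matched with "WHERE pass = ..." in SQL, because
// hashing the same password twice gives two different strings.
function check_login(array $storedHashes, $userid, $pass)
{
    if (!isset($storedHashes[$userid])) {
        return false;
    }
    return password_verify($pass, $storedHashes[$userid]);
}

$n = 200000;
$unique = count_unique_hashes($n);
printf("Number of hashes created %d\n", $n);
printf("Number of unique hashes %d\n", $unique);
printf("Collisions %d\n", $n - $unique);

// Constructed stand-in for the users table: userid => stored hash.
$users = array(42 => hash_for_storage('constructed-password'));
printf("Stored value: %s\n", $users[42]);
var_dump(check_login($users, 42, 'constructed-password'));
var_dump(check_login($users, 42, 'another-guess'));
```

The PHP manual recommends a 255-character column for the stored value so that `PASSWORD_DEFAULT` can move to a different algorithm later.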