0

I need to code a simple login system for a website that has a MySQL database with usernames and passwords that are used by the desktop app written in Python.

The desktop app uses PBKDF2-SHA256 encryption (through the hashlib.pbkdf2_hmac() function in Python) to hash the passwords with unique random salts. Because of this, I need to use the same type of encryption to handle the passwords on the website, for which I will be writing code in JavaScript.

I've come across several JavaScript libraries for bcrypt, but not really much of anything for PBKDF2 apart from NodeJS (and I don't want to have to use an entire app framework just for encryption). How can I handle PBKDF2 encryption in JavaScript?

tjohnson
  • 1,047
  • 1
  • 11
  • 18
  • 1
    I think the real question here is, **why** are you hashing passwords client-side and not server-side? A hashed password client-side just becomes the "password" when sent to the server. You gain no security at all. – Luke Joshua Park Sep 18 '16 at 00:17
  • @LukePark I'm fairly new to web programming, so I'm by no means a security expert, but isn't it more secure to hash passwords client-side than server-side so that they aren't being transmitted as plain text between them? – tjohnson Sep 18 '16 at 00:23
  • so, instead of sending password in the clear, you would "hash them", send the hashed version, but also expose your password hashing algorithm as well, thus providing no extra level of protection at all – Jaromanda X Sep 18 '16 at 00:25
  • So if I have passwords encrypted with PBKDF2 in a database on my website, how should I implement a login system on the website in a secure manner? – tjohnson Sep 18 '16 at 00:27
  • if you want security, use `https` not `http` – Jaromanda X Sep 18 '16 at 00:27
  • 1
    No, because the hash **becomes** the password. Assume your password "testing123" hashes to "abcdef". Then your client sends "abcdef" to the server. An attacker listens in can still see the "abcdef" and then pose as you whenever they like. Hashing is used to protect passwords server-side. You should be using TLS (HTTPS) between the client and server. – Luke Joshua Park Sep 18 '16 at 00:27
  • 1
    And PBKDF2 is *not* encryption. – Luke Joshua Park Sep 18 '16 at 00:28
  • I am using HTTPS on the website, so does this mean that it's safe to send the password as plain text? I don't know how I would implement a login system without doing hashing when the passwords are stored hashed in the database. – tjohnson Sep 18 '16 at 00:31
  • 1
    Yes just send it straight across. That is the whole point of HTTPS. And you recompute hashes *server-side* and compare them *server side*. You should do some more reading on password hashing for databases etc. – Luke Joshua Park Sep 18 '16 at 00:32
  • Oh, so I send the user's password input to a PHP script which compares hashes on the server side or something like that? That makes sense now. – tjohnson Sep 18 '16 at 00:33
  • 1
    Yes exactly that. Still use PBKDF2 though. `hash_pbkdf2` in PHP. – Luke Joshua Park Sep 18 '16 at 00:34
  • "just send it straight across" @Luke Park. Disagree : what is transmitted over the wire, be it TLS or not, should not be the password in **clear**. – Flint Sep 18 '16 at 00:38
  • @Flint But I thought the answer to the question that you suggested as a duplicate agreed with Luke Park that the encryption should only be done on the server side? – tjohnson Sep 18 '16 at 00:40
  • 1
    Nope. The job has to be done twice and with two different algorithms. Hashing client side prevents somebody (say a fellow developper) to grab passwords from people simply by reading a request. Of course to decipher hashes is still possible, but at least it's not straightforward as `print request.body.password` – Flint Sep 18 '16 at 00:44
  • @Flint Any suggestions for what to use for hashing on the client side? I'd want something simple and fast that can be hashed by both JavaScript and PHP. I'm thinking of just using Base64, since although it's not really secure, it provides some encoding. Using bcrypt would be overkill. (http://security.stackexchange.com/a/93411) – tjohnson Sep 18 '16 at 00:55
  • http://security.stackexchange.com/questions/23006/client-side-password-hashing – Flint Sep 18 '16 at 00:55
  • @Flint The only advantage from client side hashing is, as you say, stopping "rogue developers" from viewing the passwords. It isn't exactly a priority. Sending passwords through TLS is fine. And you can't "decipher" a hash. – Luke Joshua Park Sep 18 '16 at 00:56
  • Be they rogue or debugging requests, passwords shouldn't accidentally show up in plain text. – Flint Sep 18 '16 at 01:04
  • @tjohnson : use your own recipe on top and after fast well-known standards. – Flint Sep 18 '16 at 01:05

0 Answers0