0

I am designing a database where I am planning to store user passwords in a database. I am wondering what is the best way to store user passwords in a database ?

  • Possible duplicate of [Storing user and password in a database](http://stackoverflow.com/questions/6058019/storing-user-and-password-in-a-database) – Marcus Mar 13 '17 at 02:24
  • Just using a hash function is not sufficient and just adding a salt does little to improve the security. Instead iIterate over an HMAC with a random salt for about a 100ms duration and save the salt with the hash. Use functions such as `PBKDF2`, `Rfc2898DeriveBytes`, `password_hash`, `Bcrypt` and similar functions. The point is to make the attacker spend a lot of time finding passwords by brute force. – zaph Mar 13 '17 at 03:14

1 Answers1

-2

Thus, we can do the following things:

Do not invent your own clever password storage scheme.

Security vulnerabilities, unlike functionality bugs in your application, run deep and silent.

They can lay dormant for years.

Never store passwords as plain text.

This feels like security 101 and is completely obvious.

Store the hashes, never the actual passwords. Educate your developers.

Add a long, unique random salt to each password you store.

This shall make you immune to rainbow table attack.

Use a cryptographically secure hash. SHA-2 or Bcrypt is a better choice than MD-5.

EAK TEAM
  • 5,726
  • 4
  • 30
  • 52
  • 1
    SHA-2 and Bcrypt are two very different password hash methods, SHA-2 provided essentially no security while Bcrypt is an iterated method that is secure. Equating the two methods as essentially equivalent password security is not only wrong but misleading potentially leading to negligible password security. – zaph Mar 13 '17 at 03:15
  • 1
    SHA-2 is insignificantly more secure than MD5. – zaph Mar 13 '17 at 03:46
  • @zaph Just wondering, what are password hash methods ? What it has to do in storing passwords in a database ? –  Mar 13 '17 at 03:52
  • Password hash methods are functions that use substantially more resources, time and/or memory in order to slow down an attacker. MD5, Shared*, etc on current hardware only cost about 1 microsecond, a password hashing function should take generally about 100 milliseconds, 100,000 as much time so brute force even with a frequently used password list and fuzzing becomes very time consuming and that is the best protection we have on typical hardware. – zaph Mar 13 '17 at 11:50
  • There is confusion with the way methods are named. `Bcrypt` is not encryption, but an an iterated method for securely hashing passwords that internally uses an encryption function. `password_hash` generally uses `Bcrypt` internally. Another method is `PBKDF2` (Password Based Key Derivation Method) also named `Rfc2898DeriveBytes`. Developers help create their own confusion just by poor and inconsistent naming. So I used the phrase password hashing function to distinguish these from primitive cryptographic hash functions such as MD5 and SHA*. – zaph Mar 13 '17 at 11:52