0

What do you use? What are the benefits of using it?

Gimme the lowdown on all the techniques, pros and cons all the tutorials don't tell you about.

PHP
  • 216
  • 2
  • 9

6 Answers6

8

The short answer is: you don't. What you actually store is the result of running the user's password through a one way hash-function. Before I would have thought using something like MD5 would be fine until I read this and would recommend looking at bcrypt instead since it can help against brute-force attacks.

PPC-Coder
  • 3,522
  • 2
  • 21
  • 30
  • Many many upvotes for bcrypt here. Hashing a user password to test it against the stored one is relatively infrequent, so taking .1s to do it should not be a problem. However, try running brute force attacks against a hash at that same 10/s and you'll never ever finish. Bcrypt can also be adjusted to take even more work to generate as hardware standards are raised, making it future compatible. – Joe Mastey Apr 01 '11 at 13:05
  • Yeah, what led me to bcrypt was reading about a site that was hacked and their user database was downloaded. In that situation, there's not much you can do to prevent the attacker from brute-forcing their way through passwords if you're using a fast hash. – PPC-Coder Apr 01 '11 at 16:30
  • @JosephMastey I'm dubious. If you take .1s to test a password, wouldn't your server be easily DDoS-able? – Camilo Martin Jan 19 '13 at 18:07
  • @CamiloMartin, you need to harden your app against DDoS anyway, but preventing your app from ever doing work is not a good way to prevent attacks. Even with a SHA1 (or other very fast hash), you are still vulnerable to DDoS. Other than using an IDS to detect attacks, one way to prevent abuse is to include an increasingly long wait loop after multiple login attempts. – Joe Mastey Jan 22 '13 at 01:57
  • @JosephMastey Actually, now I got an idea. You can hash (with anything, like SHA-1), store the *first half* of the hash (or even less), and only proceed to further verification if the password given produces a hash that matches this partial value. This way, you get the best of both worlds I think. – Camilo Martin Jan 22 '13 at 07:23
1

Hashing is common in storing password. But they are all the same, just that the longer the hash result it produced, the harder it is to be hacked. The hashing result from the same hash function normally having the same length. Without restriction on the input text (which is unlimited in length), you might produce 1 same hash string from multiple sentences/words. This is where the hole lie. Read more about pigeonhole principle and Birthday Attack

I normally use MD5(). But it's out of the standard already I guess because some of the collision something. Somehow people invented a system that can detect 1 hashed string with more than one real string.

use SHA instead. To make it more secured, you could add $salt on it, Make it a double protections, so, hash the actual password first, add the salt to the hashed password, then hash them again.

Remember, the longer the result string, the better it is.

some recommend bcrypt, but I never use it before.

Sufendy
  • 1,212
  • 2
  • 16
  • 29
0

You'll want to store the original password like this

md5($password)

Your login script schould be like this:

$sql = "SELECT `id` WHERE username=`$username` AND password=`" . md5($password) . "`";
$result = mysql_query($sql,$link);
if (mysql_num_rows($result) == 1) {
  // user is authenticated
}

This should actually be more complicated, but for conceptualization its been simplified.

Chris McClellan
  • 1,123
  • 7
  • 14
  • Using MD5 on password alone is not secure. It can be attacked using [rainbow table](http://en.wikipedia.org/wiki/Rainbow_table) (A table contains MD5 hash for look up the possible value of the original value applied to MD5 function). – VCD Jul 23 '13 at 04:11
  • This example doesn't include salted passwords or advanced hashing methods. Its just a simple user lookup without returning any username and password. – Chris McClellan Jul 23 '13 at 13:34
  • 1
    My understanding to this answer is that it encourage people to hash the password with MD5 and store it in database, which is known to be insecure. If the example is to simply do a user lookup, then this answer is not related to the questions which is asking how to store password. Further, I don't think a simple user lookup should use password as the filter out condition. – VCD Jul 24 '13 at 02:25
  • Glad you found this comment from 2011 and let me know that I didn't answer the question to the best of my ability. – Chris McClellan Jul 24 '13 at 03:42
-1

The simple but secured way of storing password is to use the MD5 encription.

md5($password);

will give the md5 encrypted value.

Arun David
  • 2,714
  • 3
  • 18
  • 18
  • 1
    Someone quick, tell me what this hash represents: `18126e7bd3f84b3f3e4df094def5b7de` and demonstrate why salts are a must. – Mike B Apr 01 '11 at 02:13
  • 3
    It is mike haha salts are a must! – PHP Apr 01 '11 at 02:15
  • Using MD5 on password alone is not secure. It can be attacked using [rainbow table](http://en.wikipedia.org/wiki/Rainbow_table) (A table contains MD5 hash for look up the possible value of the original value applied to MD5 function). Side note: MD5 is not an encryption function but a hashing function – VCD Jul 23 '13 at 04:09
-1

You can use a combination of two or more encryption algorithms. For example: 

md5(sha1($password));

or just like this:

md5(md5($password));
Nabeel
  • 557
  • 4
  • 15
  • The benefit is to strengthen the encryption – Nabeel Apr 01 '11 at 02:14
  • 1
    md5 is not encryption, neither is sha1 – Mike B Apr 01 '11 at 02:14
  • Ok, it's a calculation. And because it reforms the entry in a way that it shouldn't be given back to its original; it would be encrypton – Nabeel Apr 01 '11 at 02:18
  • 18126e7bd3f84b3f3e4df094def5b7de = mike – Nabeel Apr 01 '11 at 02:19
  • 3
    Encryption infers that it's a reversible operation, that the value can be *decrypted*. Hashes are *not* reversible, that's why they're called hashes. – deceze Apr 01 '11 at 02:20
  • 2
    Also, hashing the value twice or thrice doesn't necessarily make it any more secure, sometimes it makes it *less* secure. Use salts, those *actually* have an impact. – deceze Apr 01 '11 at 02:21
-1

To keep things simple use md5 with a salt. MD5 is a one way hash. For example:

md5("hello") = "5d41402abc4b2a76b9719d911017c592"

So, without salts, you end up saving "5d41402abc4b2a76b9719d911017c592" into your database. Then when one tries to login by inputting their password you compare the md5 of the inputted password with the md5 you saved.

if (md5($input_password) == "5d41402abc4b2a76b9719d911017c592")
    log_in_user();

However, md5 is insecure, as is because the md5 of x is always y. So, if one were to compromise your database and find the password listed as "y" then you know the password is "x" if you've created or downloaded a md5 lookup table.

Instead do something like:

$password_to_save_to_db = md5(md5($input_password . $date_user_registered));

Therefore each user will have their own unique salt and those lookup tables will be rendered useless. (It could be re-created for each password the hacker wants to steal, but that's much more time consuming and plus the double md5 makes things a little more difficult.

You can read more at http://sameerparwani.com/posts/using-salts-for-extra-security

m4n0
  • 29,823
  • 27
  • 76
  • 89
Sameer Parwani
  • 309
  • 1
  • 7