Encrypting/Hashing plain text passwords in database [closed]

by

EDIT (2016): use Argon2, scrypt, bcrypt, or PBKDF2, in that order of preference. Use as large a slowdown factor as is feasible for your situation. Use a vetted existing implementation. Make sure you use a proper salt (although the libraries you’re using should be making sure of this for you).

When you hash the passwords use DO NOT USE PLAIN MD5.

Use PBKDF2, which basically means using a random salt to prevent rainbow table attacks, and iterating (re-hashing) enough times to slow the hashing down – not so much that your application takes too long, but enough that an attacker brute-forcing a large number of different password will notice

From the document:

  • Iterate at least 1000 times, preferably more – time your implementation to see how many iterations are feasible for you.
  • 8 bytes (64 bits) of salt are sufficient, and the random doesn’t need to be secure (the salt is unencrypted, we’re not worried someone will guess it).
  • A good way to apply the salt when hashing is to use HMAC with your favorite hash algorithm, using the password as the HMAC key and the salt as the text to hash (see this section of the document).

Example implementation in Python, using SHA-256 as the secure hash:

EDIT: as mentioned by Eli Collins this is not a PBKDF2 implementation. You should prefer implementations which stick to the standard, such as PassLib.

from hashlib import sha256
from hmac import HMAC
import random

def random_bytes(num_bytes):
  return "".join(chr(random.randrange(256)) for i in xrange(num_bytes))

def pbkdf_sha256(password, salt, iterations):
  result = password
  for i in xrange(iterations):
    result = HMAC(result, salt, sha256).digest() # use HMAC to apply the salt
  return result

NUM_ITERATIONS = 5000
def hash_password(plain_password):
  salt = random_bytes(8) # 64 bits
  
  hashed_password = pbkdf_sha256(plain_password, salt, NUM_ITERATIONS)

  # return the salt and hashed password, encoded in base64 and split with ","
  return salt.encode("base64").strip() + "," + hashed_password.encode("base64").strip()

def check_password(saved_password_entry, plain_password):
  salt, hashed_password = saved_password_entry.split(",")
  salt = salt.decode("base64")
  hashed_password = hashed_password.decode("base64")

  return hashed_password == pbkdf_sha256(plain_password, salt, NUM_ITERATIONS)

password_entry = hash_password("mysecret")
print password_entry # will print, for example: 8Y1ZO8Y1pi4=,r7Acg5iRiZ/x4QwFLhPMjASESxesoIcdJRSDkqWYfaA=
check_password(password_entry, "mysecret") # returns True

More Related Contents:

  1. Difference between Hashing a Password and Encrypting it
  2. Why is security through obscurity a bad idea? [closed]
  3. SHA512 vs. Blowfish and Bcrypt [closed]
  4. What algorithm should I use to hash passwords into my database? [duplicate]
  5. Should I impose a maximum length on passwords?
  6. Fundamental difference between Hashing and Encryption algorithms
  7. Disable browser ‘Save Password’ functionality
  8. Salt Generation and open source software
  9. Is “double hashing” a password less secure than just hashing it once?
  10. Two-way encryption: I need to store passwords that can be retrieved
  11. Are HTTPS headers encrypted?
  12. The necessity of hiding the salt for a hash
  13. Preferred Method of Storing Passwords In Database
  14. Password hashing, salt and storage of hashed values
  15. Why is using a Non-Random IV with CBC Mode a vulnerability?
  16. Best Practices: Salting & peppering passwords?
  17. What is the purpose of base 64 encoding and why it used in HTTP Basic Authentication?
  18. Differences Between Rijndael and AES
  19. How to send password securely over HTTP?
  20. Moving old passwords to new hashing algorithm?
  21. Best way for a ‘forgot password’ implementation? [closed]
  22. Is it worth encrypting email addresses in the database?
  23. Why not use MD5 for password hashing?
  24. MD5 security is fine? [closed]
  25. What’s wrong with XOR encryption?
  26. Do I need a “random salt” once per password or only once per database?
  27. Why is char[] preferred over String for passwords?
  28. Why Does OAuth v2 Have Both Access and Refresh Tokens?
  29. How to restrict Firebase data modification?
  30. Windows equivalent of OS X Keychain?

Leave a Comment