encrypted passwords?

nasht

Hi,
I've seen in some open-source php projects that they encrypt member passwords in databases.

My main question is: how useful is it?

Does that make a big difference?
Can people easily read from a database?
Since those are open-source projects, people probably have access to both the encrypt and decrypt functions, doesn't that mean they can just steal passwords as easily as if they weren't any encryptions?

And lastly, if YES password encryption is the way to go, how can I implement it easily on a new project?

Thank You!

Nathan

TruckStuff

Generally, you want to encrypt passwords. It provides some extra protection against snoopers. If someone has access to your DB, they won't be able to read the passwords w/out knowing the key. Depending on the method of encryption, however, that key can be sniffed off of the line. You can use something like [man]mcrypt[/man] functions to do the crypt/decrypt on the web server then you are only sending encrypted data across the line.

It is true that everyone has access to keys in open-source projects. If someone has access to your DB, they can read the passwords. This is why every open-source project tells you NOT to use the default passwords for, e.g. mySQL user accounts. See this thread on Bugtraq for a discussion of storing passwords in open-source projects.

If you want to implement encryption, start with the mcrypt functions mentioned above. Also, please note that MD5 is NOT encryption, so storing passwords as md5 hashes in the DB is silly and (almost) useless.

MarkR

Some people encrypt passwords using a hashing function (which is a form of "one way encryption" and hence not really encryption at all).

As such, they can't be decrypted (but are still vulnerable to dictionary attacks). This is to defend against people who obtain (authorised or unauthorised) access to the database and decide to try to use peoples' passwords.

Generally speaking, nobody unauthorised should be able to access the database. You have to assume this when developing your app (otherwise, what is the point?)

So storing plaintext passwords is generally speaking pretty safe - especially if the app isn't very security-critical.

Although I've used encrypted passwords in the past, my last two major apps stored passwords unencrypted.

This also makes it easier if a user forgets their password, as you can just email it to them.

Mark

laserlight

so storing passwords as md5 hashes in the DB is silly and (almost) useless.

Not really - the good point about storing hashed passwords is that even if the database is compromised, your users' passwords will not be compromised.

TruckStuff

Yeah, but if your db is compromised, 1) you probably have a lot bigger things to worry about than user PWs, and 2) Even if you don't, a compromised db can be easier to dictionary attack. If the passwords are encrypted, any attacker has to know the encryption algorythm as well as the cipher key to get user PWs

TruckStuff

MarkR wrote:
Generally speaking, nobody unauthorised should be able to access the database. You have to assume this when developing your app (otherwise, what is the point?)

I think this is a really bad idea. If you are developing an app and assume that only authorized users are going to have access to it, thats asking for sloppy coding and a security breach-in-waiting. You should always write apps with the assumption that unauthorized people will attempt to access your system.

laserlight

1) you probably have a lot bigger things to worry about than user PWs

Yep, but that's your problem - dont make your problem into your users' problem. In any case, you already know this since you state that one "should always write apps with the assumption that unauthorized people will attempt to access your system".

If the passwords are encrypted, any attacker has to know the encryption algorythm as well as the cipher key to get user PWs

In this case, the encryption functions as a substitute to a cryptographic hash, since the secret key is assumed to be safe even if the database is compromised. I was thinking of the more usual case where passwords are encrypted in transmission, rather than in storage.

Note that the encryption algorithm will probably be known to the attacker, so it is the secret key that is important.