Best IT Recipes

Salting: is it wise to use a username?

I discuss using usernames as a means to merge passwords instead of storing a random string with names. My excuse is that the purpose of the salt is to prevent rainbow tables, and what makes it realistically less secure than another dataset?

For example,

hash( md5(johnny_381@example.com), p4ss\/\/0rD)

vs

hash( md5(some_UUID_value), p4ss\/\/0rD)

Is there a real reason I couldn’t just stick with the username and simplify things? The only thing that caused my web search was discussions about how salt should be like a password, but ended without any arguments behind it, where I had the impression that it would just prevent something like cain and a skilled cracker from escaping against him, not in the range of millions of years. Thinking about the limitations on processing reality, I don’t think it is very important if people know the hash, they still don’t know the password, and they went into the supercomputer range to overdo every single hash.

Can someone please enlighten me here?

+10
hashtable salt
Jul 27. '10 at 7:12
source share
6 answers

You’ll have trouble changing your username (if you can change it). There you cannot update the hashed password because you do not store an unsigned, unmanaged password.

+13
Jul 27 '10 at 7:17
source share

I do not see a problem using the username as the salt value.

A safer way to store passwords is to use a different salt value for each entry.

If you look at the asp.net membership provider aspnet_Membership table, you will see that they kept the password, passwordsalt and username fields in almost the same record. Thus, from this point of view, there is no difference in safety when simply using the username for the salt value.

Please note that some systems use the same salt value for all passwords and save this in the configuration file. The only security difference here is that if they got access to a single salt value, then they can more easily create a rainbow table to crack all passwords at once ...

But then again, if they have access to the encrypted form of passwords, they will probably have access to the salt value stored in the user’s table along with it ... Which may mean that it will be a bit more difficult for them to determine the password values.

However, at the end of the day, I believe that almost all applications do not work on the encryption front, because they only encrypt what is supposedly one of the least important pieces of data: the password. What really needs to be encrypted is almost everything else.

After all, if I have access to your database, why don't I care if the password is encrypted? I already have access to important things ...

There are obviously other considerations in the game, but at the end of the day I would not sweat this one too much, since this is a secondary problem compared to others.

+3
Jul 27 '10 at 19:34
source share

If you use a username as a password, and there are many examples of your application, people can create rainbow tables for specific users, such as "admin" or "system", as is the case with Oracle databases or with a complete list of common names like them for WPA (CowPatty)

Better take a really random salt, it’s not that difficult, and it won’t come back to you.

+3
Aug 02 '10 at 13:03
source share

This method was considered safe enough for a workgroup that created HTTP digest authentication that works with a hash of the username: realm: password string.

I think you understand very well that this decision is secret. If someone stole your database and source code to find out how you actually implemented the hash, is it good that they register for access at that moment? A website that displays data in a database that they have already stolen?

In this case, salt buys your user a couple of security benefits. First, if the thief has pre-calculated values ​​(rainbow tables), they will have to recalculate them for each individual user in order to make their attack; if the thief after one user password, this is not a big win.

Secondly, the hashes for all users will always be different, even if they have the same password, so the thief will not receive any hash collisions for free (a crack of one user will receive 300 passwords).

These two benefits help protect your users who can use the same password on multiple sites, even if a thief tries to get databases from other sites.

Thus, while password hashing salt is best kept secret (which in your case is the exact data used for salt), it still provides benefits, even if it is compromised.

+1
Jul 27 '10 at 19:59
source share

Random salting prevents the comparison of two independently calculated password hashes for the same username. Without it, it would be possible to check whether a person’s password on one computer matches one another, or if the password matches the one used in the past, etc., Without an actual password. It would also greatly facilitate the search for such criteria as indicated above, even when a password is available (since it was possible to search for a computed hash rather than compute a hash separately for each old hash password value).

As for whether such prevention is good or bad, who knows.

+1
Jul 27 '10 at 20:00
source share

I know this is an old question, but for those who are looking for a solution based on this question.

If you use the resulting salt (as opposed to random salt), the salt source should be enhanced using a key derivation function such as PBKDF2.

Thus, if your username is "theunhandledexception", pass through PBKDF2 for x-iterations to generate 32-bit (or any other amount of salt you need).

Make x pseudo-random (as opposed to even numbers, like 1000), and pass the static site-specific salt to PBKDF2, and you will make it very unlikely that your salt username matches any other side of the username.

+1
Nov 15 2018-10-15
source share


More articles:


All Articles