Im looking for the most secure (but still doable) way to manage passwords in a web application.
Now I save the password as a hash. The application's DB account is limited to the exception of stored procedures, and I authenticate users by providing a username and hashed password for the stored procedure, which returns 1 (true) or 0 (false).
Thus, there is no way to get the password from the server, even if you have an application DB account. What I like about this solution. But in order to use this, the client must send its password over the Internet, or at least a static hash that could be caught.
So, I came up with the idea of ββusing a handshake like this:
- The client requests a server for salt.
- Random salt is provided to the client and stored on the server for this individual client.
- The client makes a Hash (salt + password) and returns this hash to the server
- The server makes a Hash (salt + password) and checks if it matches the client
Using this handshake allows you to verify the password without sending yourself or a static hash. Just a dynamic salt hash that is different every time a user logs in => Very safe.
But for this handshake, I need a password, or at least a hashed password from the database. But this allows someone to get at least a hashed password and run the bruteforce command outside the application.
Which would you prefer? Storing a password inside the database and creating something there (a secure server) or getting it from the database and leaving it (safe transfer)?
Thanks in advance, Marks
security database passwords hash
Marks
source share