SlideShare a Scribd company logo

Disclosing password hashing policies

Download as ODP, PDF
Michal Špaček
Michal Špaček

Would you voluntarily share how your web app stores passwords? Some companies indeed do share, for example Facebook and LastPass to name just a few. Some share involuntarily. Some don't share at all because they feel that it will make them more vulnerable. Here's why you should do that and how.

Internet
1 of 24
DISCLOSINGDISCLOSING PASSWORDPASSWORD HASHINGHASHING POLICIESPOLICIES Michal ŠpačekMichal Špaček www.michalspacek.czwww.michalspacek.cz @spazef0rze@spazef0rze A talk about letting users know what algorithm do companies use to hash users’ passwords, if any. With additional free speaker notes.
Ever wondered why some sites limit the length of passwords? You're not alone. Quite often when someone discovers that a site is limiting length of their password they ask why. Most of the times, they don't get any answer. Sometimes even the companies don't know because the guy who knew already left.
maxlength(64) = varchar(64)? People are a bit suspicious that the site might be storing their passwords in plaintext in a column 64 chars wide, if they limit the length to 64 chars. It might or might not be true but I don’t think there‘s any significant relation between maximum allowed password length and a password storage. Of course, storing passwords in plaintext actually requires limiting passwords length.
Users, like this Shotbow forum member, are asking especially when there's been a data breach at a site they use. Shotbow is a Minecraft server and they suffered a breach in May 2016.
Asking the general public can give you some very interesting answers. Let's just not go into details here, you know, encryption, hashing, Kerckhoffs' principle. Let's move on. Thanks Bruce @PwdRsch for sending me the link.
The passwords were hashed and salted and managed professionally. The official answer from a staff member wasn’t any better. If companies don’t disclose details, always expect the worst. Luckily, there are companies who have no problems disclosing all the details of their password hashing.
Like Facebook. Alec Muffett has disclosed Facebook's hashing algorithm in a talk at Passwords14 in Norway. Seriously, go watch it. They call the algorithm “The Onion”, because it has layers. At the core of it there's scrypt and HMAC.
LastPass utilizes the PBKDF2 with SHA-256 to turn your master password into your encryption key. Or LastPass which uses PBKDF2 with SHA-256 to turn master password into an encryption key. Or 1Password releasing 60 pages long PDF of their security design and regularly sending Jeffrey Goldberg to conferences like Passwords.
Some other smaller services have no problems disclosing their hashing policies either, like for example Scott Helme's report-uri.io, which is a great Content Security Policy and HTTP Public Key Pinning reporting tool. Scott’s got this on the login and sign-up page, right next to the password input field.
https://pulse.michalspacek.cz/passwords/storages I've actually started collecting info on how companies store user passwords. The collection is available at https://pulse.michalspacek.cz/passwords/storages. It's part of a bigger survey, I also scan HTTPS on Czech banks using SSL Labs Server Test every month. The name Pulse is heavily inspired by the work 18F does and which is available at https://pulse.cio.gov.
My site looks like this. So far (August 2016), I have less than 20 records but I want the collection to grow. If you know a site which should be listed, please let me know. I’ll add it. Here we see a company called Datadog and we see they are hashing user passwords with bcrypt. They’ve been rated with B-grade, we'll get to that.
Where I have more details, like hash params, I also share them. I always link to a public disclosure, so the site is actually more like a collection of links to who said what. If I have a historical data, I also share it as you see in this example.
Slow hashes + docs Slow hashes + blog, talk, social My scoring system is inspired by SSL Labs Server Test rating and it works in the following way. The better the hashing algorithm is and the better the disclosure is, the better score the site gets. So if they use bcrypt (or any other slow hash, like PBKDF2, scrypt, or Argon2) and they tell us in their docs, they score A. If they tell us only in a blog post, talk, or on a social media they score B, because a talk or a blog post is not that visible and you can't easily find it if you don't know what you're looking for. Both A and B are scores for safe password storage.
Other hashes + salted + iterations Other hashes + salted Other hashes, or encrypted A site scores C if they use unsuitable hashes like MD5 or SHA-1 with a salt and multiple iterations. They score D, if they hash passwords with one iteration of an unsuitable hashing function, with a salt. Grade E is for when they use plain fast hash or encrypt passwords. Users are advised to create unique passwords for sites with these scores, especially for sites with D or E.
FAIL Last but not least, F is for total failure, and that's when the site stores passwords in plaintext. When signing up for the service, users should use a unique password, not used anywhere else.
So, is it ok to share or disclose your password hashing policy? I think it's ok, especially if you do passwords and hashing right. If you don't do it right, then fix it and then disclose. But if you don‘t care…
bcrypt Some companies fear that if they disclose, they will become a target. Well, I have bad news for them, they already are a target. Companies get hacked no matter what hash they use. For example Datadog uses bcrypt to store their passwords and they have used it even before they suffered a breach in July 2016. Also Ashley Madison was using bcrypt even before the breach, but clearly passwords were not the motivation there. And I know several companies using plain MD5 or SHA-1 who didn‘t get hacked (yet). Or at least they don‘t know about it.
md5('240610708') == md5('QNKCDZO') 0e... == 0e... 0 == 0 Sometimes, you can even check yourself what hashing is used. There are several tricks, like this one for PHP: you sign up with password 240610708 and then try to log in with password QNKCDZO, and if you're in, then it's plain MD5. PHP compares the hashes as numbers if == is used, and they both start with 0e, followed by digits (exponential notation meaning zero times whatever), which means PHP compares them as zeros. If it doesn't work, it could still be MD5 but they could be comparing hashes in a different way, for example using ===. I've got similar tricks for few more algorithms on my GitHub. They all exploit some nice features in PHP.
5f4dcc3b5aa765d61d8327deb882cf99 If a database gets leaked, people can usually tell what hash is used just by looking at it. Or do you think this is a bcrypt hash? Not disclosing details of password storage won’t prevent database leaks. But if a company has publicly disclosed what exactly they use for hashing passwords, and there‘s a database dump claiming to originate at that company but it has different hashes, we know it‘s coming from elsewhere. PR‘s job is suddenly much easier.
Anthony Ferrara, aka ircmaxell, ran a test some time ago. He gave people two passwords, two salts per password and four hashes in total, and they had to reverse the hashing algorithm to produce a hash for password foo with salt barbarbarbarbarbarbarbarbarbarba. He provided 15 such algorithms, some of them pretty weird.
Amazing people listed above were able to find 14 algorithms. One guy found the server was leaking the algorithms and was able to “reverse” them all.
Open source software Disclosure by design If a site uses open source software, then they disclose by design. Which is a good thing after all, because it allows bugs in hashing to be fixed soon-ish.
Like this bug in PrestaShop. They were using MD5 with a static salt, then they have changed it to bcrypt in development version, but they have still used the extra salt. It was 56 bytes long, effectively cutting the passwords to 16 bytes, because bcrypt truncates passwords at 72 bytes. I've fixed the issue before they have released the code and made PrestaShop more secure just because they have disclosed the way they hash user passwords. Nevermind the BCryptSHA256 and encrypt keys, they were renamed in later revisions.
Michal ŠpačekMichal Špaček www.michalspacek.czwww.michalspacek.cz @spazef0rze@spazef0rze It's ok to disclose. It's ok to disclose your password hashing policies, especially if you use slow “password hashes”. Users will love the site more, guaranteed. And if you do something nasty to users passwords, then fix it before it's too late and then disclose, your users will love you too. I've been there and done that. Don‘t forget to let me know so I can add you to my list of sites and their hashing policies.

Recommended

I forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyI forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyMichal Špaček
 
The problem with the real world
The problem with the real worldThe problem with the real world
The problem with the real worldMichal Špaček
 
Operations security (OPSEC) in IT
Operations security (OPSEC) in ITOperations security (OPSEC) in IT
Operations security (OPSEC) in ITMichal Špaček
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rdsWill Alexander
 
Heartbleed Explained & LastPass Demo
Heartbleed Explained & LastPass DemoHeartbleed Explained & LastPass Demo
Heartbleed Explained & LastPass DemoWilliam Mann
 
Roberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksRoberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksPietro Polsinelli
 
Password hacking
Password hackingPassword hacking
Password hackingMr. FM
 
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsDEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsFelipe Prado
 

Recommended

I forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyI forgot my password – what a secure password reset needs to have and why
I forgot my password – what a secure password reset needs to have and whyMichal Špaček
 
The problem with the real world
The problem with the real worldThe problem with the real world
The problem with the real worldMichal Špaček
 
Operations security (OPSEC) in IT
Operations security (OPSEC) in ITOperations security (OPSEC) in IT
Operations security (OPSEC) in ITMichal Špaček
 
P@ssw0rds
P@ssw0rdsP@ssw0rds
P@ssw0rdsWill Alexander
 
Heartbleed Explained & LastPass Demo
Heartbleed Explained & LastPass DemoHeartbleed Explained & LastPass Demo
Heartbleed Explained & LastPass DemoWilliam Mann
 
Roberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksRoberto Bicchierai - Defending web applications from attacks
Roberto Bicchierai - Defending web applications from attacksPietro Polsinelli
 
Password hacking
Password hackingPassword hacking
Password hackingMr. FM
 
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsDEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsFelipe Prado
 
Evaluating a password manager
Evaluating a password managerEvaluating a password manager
Evaluating a password managerEvan J Johnson (Not a CISSP)
 
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...Jan Kvasnička
 
HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)Michal Špaček
 
Message queues
Message queuesMessage queues
Message queuesAhmad karawash
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashingfangjiafu
 
Password hashing, salting, bycrpt
Password hashing, salting, bycrptPassword hashing, salting, bycrpt
Password hashing, salting, bycrptAhmad karawash
 
Zabezpečení Slevomatu
Zabezpečení SlevomatuZabezpečení Slevomatu
Zabezpečení SlevomatuMichal Špaček
 
Hashování hesel
Hashování heselHashování hesel
Hashování heselMichal Špaček
 
Hashing
HashingHashing
HashingSri Prasanna
 
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016Jan Kvasnička
 
Password management
Password managementPassword management
Password managementWilmington University
 
An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and SaltingRahul Singh
 
RFM analýza
RFM analýzaRFM analýza
RFM analýzaTaste Medio
 
Password Manager: Detailed presentation
Password Manager: Detailed presentationPassword Manager: Detailed presentation
Password Manager: Detailed presentationHitachi ID Systems, Inc.
 
Hashing
HashingHashing
Hashinggrahamwell
 
Functional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis AtencioFunctional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis AtencioLuis Atencio
 
Ch17 Hashing
Ch17 HashingCh17 Hashing
Ch17 Hashingleminhvuong
 
Jak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webuJak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webuMichal Špaček
 
Hashing Technique In Data Structures
Hashing Technique In Data StructuresHashing Technique In Data Structures
Hashing Technique In Data StructuresSHAKOOR AB
 
Quality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseQuality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseMichal Špaček
 
Salt Cryptography & Cracking Salted Hashes by fb1h2s
Salt Cryptography & Cracking Salted Hashes by fb1h2sSalt Cryptography & Cracking Salted Hashes by fb1h2s
Salt Cryptography & Cracking Salted Hashes by fb1h2sn|u - The Open Security Community
 
Cracking Salted Hashes
Cracking Salted HashesCracking Salted Hashes
Cracking Salted Hashesn|u - The Open Security Community
 

More Related Content

Viewers also liked

Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...Jan Kvasnička
 
HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)Michal Špaček
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashingfangjiafu
 
Password hashing, salting, bycrpt
Password hashing, salting, bycrptPassword hashing, salting, bycrpt
Password hashing, salting, bycrptAhmad karawash
 
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016Jan Kvasnička
 
An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and SaltingRahul Singh
 
Functional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis AtencioFunctional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis AtencioLuis Atencio
 
Jak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webuJak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webuMichal Špaček
 
Hashing Technique In Data Structures
Hashing Technique In Data StructuresHashing Technique In Data Structures
Hashing Technique In Data StructuresSHAKOOR AB
 

Viewers also liked (19)

Evaluating a password manager
Evaluating a password managerEvaluating a password manager
Evaluating a password manager
 
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
Nejčastější chyby při návrhu mobilního a responzivního webu prakticky | WebEx...
 
HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)
 
Message queues
Message queuesMessage queues
Message queues
 
Proper passwordhashing
Proper passwordhashingProper passwordhashing
Proper passwordhashing
 
Password hashing, salting, bycrpt
Password hashing, salting, bycrptPassword hashing, salting, bycrpt
Password hashing, salting, bycrpt
 
Zabezpečení Slevomatu
Zabezpečení SlevomatuZabezpečení Slevomatu
Zabezpečení Slevomatu
 
Hashování hesel
Hashování heselHashování hesel
Hashování hesel
 
Hashing
HashingHashing
Hashing
 
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
Nejčastější chyby v mobilním objednávkovém procesu | Eshopista | 22.9.2016
 
Password management
Password managementPassword management
Password management
 
An Introduction to Hashing and Salting
An Introduction to Hashing and SaltingAn Introduction to Hashing and Salting
An Introduction to Hashing and Salting
 
RFM analýza
RFM analýzaRFM analýza
RFM analýza
 
Password Manager: Detailed presentation
Password Manager: Detailed presentationPassword Manager: Detailed presentation
Password Manager: Detailed presentation
 
Hashing
HashingHashing
Hashing
 
Functional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis AtencioFunctional Programming in JavaScript by Luis Atencio
Functional Programming in JavaScript by Luis Atencio
 
Ch17 Hashing
Ch17 HashingCh17 Hashing
Ch17 Hashing
 
Jak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webuJak zlepšit zabezpečení čtvrtiny celého webu
Jak zlepšit zabezpečení čtvrtiny celého webu
 
Hashing Technique In Data Structures
Hashing Technique In Data StructuresHashing Technique In Data Structures
Hashing Technique In Data Structures
 

Similar to Disclosing password hashing policies

Quality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseQuality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseMichal Špaček
 
Password Storage Explained
Password Storage ExplainedPassword Storage Explained
Password Storage Explainedjeetendra mandal
 
Hashing Considerations In Web Applications
Hashing Considerations In Web ApplicationsHashing Considerations In Web Applications
Hashing Considerations In Web ApplicationsIslam Heggo
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon
 
Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practiceAkash Mahajan
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Introduction to CSS Preprocessors
Introduction to CSS PreprocessorsIntroduction to CSS Preprocessors
Introduction to CSS PreprocessorsBlake Newman
 
Resisting The Feature Creature
Resisting The Feature CreatureResisting The Feature Creature
Resisting The Feature CreatureChristian Heilmann
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force toolszeus7856
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsIRJET Journal
 
Advanced phishing for red team assessments
Advanced phishing for red team assessmentsAdvanced phishing for red team assessments
Advanced phishing for red team assessmentsJEBARAJM
 
IRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJSIRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJSIRJET Journal
 

Similar to Disclosing password hashing policies (20)

Quality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of DefenseQuality of Life, Multiple Lines of Defense
Quality of Life, Multiple Lines of Defense
 
Salt Cryptography & Cracking Salted Hashes by fb1h2s
Salt Cryptography & Cracking Salted Hashes by fb1h2sSalt Cryptography & Cracking Salted Hashes by fb1h2s
Salt Cryptography & Cracking Salted Hashes by fb1h2s
 
Cracking Salted Hashes
Cracking Salted HashesCracking Salted Hashes
Cracking Salted Hashes
 
Password Storage Explained
Password Storage ExplainedPassword Storage Explained
Password Storage Explained
 
Hashing Considerations In Web Applications
Hashing Considerations In Web ApplicationsHashing Considerations In Web Applications
Hashing Considerations In Web Applications
 
Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011Kieon secure passwords theory and practice 2011
Kieon secure passwords theory and practice 2011
 
Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practice
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 
Introduction to CSS Preprocessors
Introduction to CSS PreprocessorsIntroduction to CSS Preprocessors
Introduction to CSS Preprocessors
 
Hacking For Innovation Delhi
Hacking For Innovation DelhiHacking For Innovation Delhi
Hacking For Innovation Delhi
 
Resisting The Feature Creature
Resisting The Feature CreatureResisting The Feature Creature
Resisting The Feature Creature
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
 
E forensic series
E forensic seriesE forensic series
E forensic series
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Hashing
HashingHashing
Hashing
 
A Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing AlgorithmsA Survey of Password Attacks and Safe Hashing Algorithms
A Survey of Password Attacks and Safe Hashing Algorithms
 
Advanced phishing for red team assessments
Advanced phishing for red team assessmentsAdvanced phishing for red team assessments
Advanced phishing for red team assessments
 
Hashing
HashingHashing
Hashing
 
IRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJSIRJET- Login System for Web: Session Management using BCRYPTJS
IRJET- Login System for Web: Session Management using BCRYPTJS
 
secure php
secure phpsecure php
secure php
 

More from Michal Špaček

Víceúrovňová obrana vysvětlená na Cross-Site Scriptingu
Víceúrovňová obrana vysvětlená na Cross-Site ScriptinguVíceúrovňová obrana vysvětlená na Cross-Site Scriptingu
Víceúrovňová obrana vysvětlená na Cross-Site ScriptinguMichal Špaček
 
Lámání a ukládání hesel
Lámání a ukládání heselLámání a ukládání hesel
Lámání a ukládání heselMichal Špaček
 
Fantom Opery, "VPN" a Secure Proxy v Opeře
Fantom Opery, "VPN" a Secure Proxy v OpeřeFantom Opery, "VPN" a Secure Proxy v Opeře
Fantom Opery, "VPN" a Secure Proxy v OpeřeMichal Špaček
 
XSS PHP CSP ETC OMG WTF BBQ
XSS PHP CSP ETC OMG WTF BBQXSS PHP CSP ETC OMG WTF BBQ
XSS PHP CSP ETC OMG WTF BBQMichal Špaček
 
Bezpečnost e-shopů (HTTPS, XSS, CSP)
Bezpečnost e-shopů (HTTPS, XSS, CSP)Bezpečnost e-shopů (HTTPS, XSS, CSP)
Bezpečnost e-shopů (HTTPS, XSS, CSP)Michal Špaček
 
Poučte se z cizích chyb
Poučte se z cizích chybPoučte se z cizích chyb
Poučte se z cizích chybMichal Špaček
 
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)Michal Špaček
 
Password manažeři detailněji – 1Password, LastPass, 2FA, sdílení
Password manažeři detailněji – 1Password, LastPass, 2FA, sdíleníPassword manažeři detailněji – 1Password, LastPass, 2FA, sdílení
Password manažeři detailněji – 1Password, LastPass, 2FA, sdíleníMichal Špaček
 
HTTPS (a šifrování) všude
HTTPS (a šifrování) všudeHTTPS (a šifrování) všude
HTTPS (a šifrování) všudeMichal Špaček
 
HTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English versionHTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English versionMichal Špaček
 
Bezpečnost na mobilních zařízeních
Bezpečnost na mobilních zařízeníchBezpečnost na mobilních zařízeních
Bezpečnost na mobilních zařízeníchMichal Špaček
 
Základy webové bezpečnosti pro PR a marketing
Základy webové bezpečnosti pro PR a marketingZáklady webové bezpečnosti pro PR a marketing
Základy webové bezpečnosti pro PR a marketingMichal Špaček
 
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)Michal Špaček
 
Noční můry webového vývojáře
Noční můry webového vývojářeNoční můry webového vývojáře
Noční můry webového vývojářeMichal Špaček
 
Kolik webových útoků znáš...
Kolik webových útoků znáš...Kolik webových útoků znáš...
Kolik webových útoků znáš...Michal Špaček
 

More from Michal Špaček (20)

Víceúrovňová obrana vysvětlená na Cross-Site Scriptingu
Víceúrovňová obrana vysvětlená na Cross-Site ScriptinguVíceúrovňová obrana vysvětlená na Cross-Site Scriptingu
Víceúrovňová obrana vysvětlená na Cross-Site Scriptingu
 
Lámání a ukládání hesel
Lámání a ukládání heselLámání a ukládání hesel
Lámání a ukládání hesel
 
Fantom Opery, "VPN" a Secure Proxy v Opeře
Fantom Opery, "VPN" a Secure Proxy v OpeřeFantom Opery, "VPN" a Secure Proxy v Opeře
Fantom Opery, "VPN" a Secure Proxy v Opeře
 
Medvědí služba
Medvědí službaMedvědí služba
Medvědí služba
 
XSS PHP CSP ETC OMG WTF BBQ
XSS PHP CSP ETC OMG WTF BBQXSS PHP CSP ETC OMG WTF BBQ
XSS PHP CSP ETC OMG WTF BBQ
 
Bezpečnost e-shopů (HTTPS, XSS, CSP)
Bezpečnost e-shopů (HTTPS, XSS, CSP)Bezpečnost e-shopů (HTTPS, XSS, CSP)
Bezpečnost e-shopů (HTTPS, XSS, CSP)
 
Poučte se z cizích chyb
Poučte se z cizích chybPoučte se z cizích chyb
Poučte se z cizích chyb
 
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)
Minulé století volalo (Cross-Site Scripting + BeEF + CSP demo)
 
Password manažeři detailněji – 1Password, LastPass, 2FA, sdílení
Password manažeři detailněji – 1Password, LastPass, 2FA, sdíleníPassword manažeři detailněji – 1Password, LastPass, 2FA, sdílení
Password manažeři detailněji – 1Password, LastPass, 2FA, sdílení
 
HTTPS (a šifrování) všude
HTTPS (a šifrování) všudeHTTPS (a šifrování) všude
HTTPS (a šifrování) všude
 
HTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English versionHTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English version
 
Bezpečnost na mobilních zařízeních
Bezpečnost na mobilních zařízeníchBezpečnost na mobilních zařízeních
Bezpečnost na mobilních zařízeních
 
Základy webové bezpečnosti pro PR a marketing
Základy webové bezpečnosti pro PR a marketingZáklady webové bezpečnosti pro PR a marketing
Základy webové bezpečnosti pro PR a marketing
 
Hlava není na hesla
Hlava není na heslaHlava není na hesla
Hlava není na hesla
 
HTTP/2
HTTP/2HTTP/2
HTTP/2
 
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)
Víte, že nevíte, že já vím, že nevíte? (WebTop100 2014)
 
Přechod na HTTPS
Přechod na HTTPSPřechod na HTTPS
Přechod na HTTPS
 
Noční můry webového vývojáře
Noční můry webového vývojářeNoční můry webového vývojáře
Noční můry webového vývojáře
 
Total Cost of Pwnership
Total Cost of PwnershipTotal Cost of Pwnership
Total Cost of Pwnership
 
Kolik webových útoků znáš...
Kolik webových útoků znáš...Kolik webových útoků znáš...
Kolik webových útoků znáš...
 

Recently uploaded

Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...kumargunjan9515
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasDigicorns Technologies
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...meghakumariji156
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查ydyuyu
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查ydyuyu
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制pxcywzqs
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理F
 
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiMonica Sydney
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoilmeghakumariji156
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdfMatthew Sinclair
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...gajnagarg
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdfMatthew Sinclair
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Balliameghakumariji156
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.krishnachandrapal52
 

Recently uploaded (20)

Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu DhabiAbu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
Abu Dhabi Escorts Service 0508644382 Escorts in Abu Dhabi
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 

Disclosing password hashing policies

  • 1. DISCLOSINGDISCLOSING PASSWORDPASSWORD HASHINGHASHING POLICIESPOLICIES Michal ŠpačekMichal Špaček www.michalspacek.czwww.michalspacek.cz @spazef0rze@spazef0rze A talk about letting users know what algorithm do companies use to hash users’ passwords, if any. With additional free speaker notes.
  • 2. Ever wondered why some sites limit the length of passwords? You're not alone. Quite often when someone discovers that a site is limiting length of their password they ask why. Most of the times, they don't get any answer. Sometimes even the companies don't know because the guy who knew already left.
  • 3. maxlength(64) = varchar(64)? People are a bit suspicious that the site might be storing their passwords in plaintext in a column 64 chars wide, if they limit the length to 64 chars. It might or might not be true but I don’t think there‘s any significant relation between maximum allowed password length and a password storage. Of course, storing passwords in plaintext actually requires limiting passwords length.
  • 4. Users, like this Shotbow forum member, are asking especially when there's been a data breach at a site they use. Shotbow is a Minecraft server and they suffered a breach in May 2016.
  • 5. Asking the general public can give you some very interesting answers. Let's just not go into details here, you know, encryption, hashing, Kerckhoffs' principle. Let's move on. Thanks Bruce @PwdRsch for sending me the link.
  • 6. The passwords were hashed and salted and managed professionally. The official answer from a staff member wasn’t any better. If companies don’t disclose details, always expect the worst. Luckily, there are companies who have no problems disclosing all the details of their password hashing.
  • 7. Like Facebook. Alec Muffett has disclosed Facebook's hashing algorithm in a talk at Passwords14 in Norway. Seriously, go watch it. They call the algorithm “The Onion”, because it has layers. At the core of it there's scrypt and HMAC.
  • 8. LastPass utilizes the PBKDF2 with SHA-256 to turn your master password into your encryption key. Or LastPass which uses PBKDF2 with SHA-256 to turn master password into an encryption key. Or 1Password releasing 60 pages long PDF of their security design and regularly sending Jeffrey Goldberg to conferences like Passwords.
  • 9. Some other smaller services have no problems disclosing their hashing policies either, like for example Scott Helme's report-uri.io, which is a great Content Security Policy and HTTP Public Key Pinning reporting tool. Scott’s got this on the login and sign-up page, right next to the password input field.
  • 10. https://pulse.michalspacek.cz/passwords/storages I've actually started collecting info on how companies store user passwords. The collection is available at https://pulse.michalspacek.cz/passwords/storages. It's part of a bigger survey, I also scan HTTPS on Czech banks using SSL Labs Server Test every month. The name Pulse is heavily inspired by the work 18F does and which is available at https://pulse.cio.gov.
  • 11. My site looks like this. So far (August 2016), I have less than 20 records but I want the collection to grow. If you know a site which should be listed, please let me know. I’ll add it. Here we see a company called Datadog and we see they are hashing user passwords with bcrypt. They’ve been rated with B-grade, we'll get to that.
  • 12. Where I have more details, like hash params, I also share them. I always link to a public disclosure, so the site is actually more like a collection of links to who said what. If I have a historical data, I also share it as you see in this example.
  • 13. Slow hashes + docs Slow hashes + blog, talk, social My scoring system is inspired by SSL Labs Server Test rating and it works in the following way. The better the hashing algorithm is and the better the disclosure is, the better score the site gets. So if they use bcrypt (or any other slow hash, like PBKDF2, scrypt, or Argon2) and they tell us in their docs, they score A. If they tell us only in a blog post, talk, or on a social media they score B, because a talk or a blog post is not that visible and you can't easily find it if you don't know what you're looking for. Both A and B are scores for safe password storage.
  • 14. Other hashes + salted + iterations Other hashes + salted Other hashes, or encrypted A site scores C if they use unsuitable hashes like MD5 or SHA-1 with a salt and multiple iterations. They score D, if they hash passwords with one iteration of an unsuitable hashing function, with a salt. Grade E is for when they use plain fast hash or encrypt passwords. Users are advised to create unique passwords for sites with these scores, especially for sites with D or E.
  • 15. FAIL Last but not least, F is for total failure, and that's when the site stores passwords in plaintext. When signing up for the service, users should use a unique password, not used anywhere else.
  • 16. So, is it ok to share or disclose your password hashing policy? I think it's ok, especially if you do passwords and hashing right. If you don't do it right, then fix it and then disclose. But if you don‘t care…
  • 17. bcrypt Some companies fear that if they disclose, they will become a target. Well, I have bad news for them, they already are a target. Companies get hacked no matter what hash they use. For example Datadog uses bcrypt to store their passwords and they have used it even before they suffered a breach in July 2016. Also Ashley Madison was using bcrypt even before the breach, but clearly passwords were not the motivation there. And I know several companies using plain MD5 or SHA-1 who didn‘t get hacked (yet). Or at least they don‘t know about it.
  • 18. md5('240610708') == md5('QNKCDZO') 0e... == 0e... 0 == 0 Sometimes, you can even check yourself what hashing is used. There are several tricks, like this one for PHP: you sign up with password 240610708 and then try to log in with password QNKCDZO, and if you're in, then it's plain MD5. PHP compares the hashes as numbers if == is used, and they both start with 0e, followed by digits (exponential notation meaning zero times whatever), which means PHP compares them as zeros. If it doesn't work, it could still be MD5 but they could be comparing hashes in a different way, for example using ===. I've got similar tricks for few more algorithms on my GitHub. They all exploit some nice features in PHP.
  • 19. 5f4dcc3b5aa765d61d8327deb882cf99 If a database gets leaked, people can usually tell what hash is used just by looking at it. Or do you think this is a bcrypt hash? Not disclosing details of password storage won’t prevent database leaks. But if a company has publicly disclosed what exactly they use for hashing passwords, and there‘s a database dump claiming to originate at that company but it has different hashes, we know it‘s coming from elsewhere. PR‘s job is suddenly much easier.
  • 20. Anthony Ferrara, aka ircmaxell, ran a test some time ago. He gave people two passwords, two salts per password and four hashes in total, and they had to reverse the hashing algorithm to produce a hash for password foo with salt barbarbarbarbarbarbarbarbarbarba. He provided 15 such algorithms, some of them pretty weird.
  • 21. Amazing people listed above were able to find 14 algorithms. One guy found the server was leaking the algorithms and was able to “reverse” them all.
  • 22. Open source software Disclosure by design If a site uses open source software, then they disclose by design. Which is a good thing after all, because it allows bugs in hashing to be fixed soon-ish.
  • 23. Like this bug in PrestaShop. They were using MD5 with a static salt, then they have changed it to bcrypt in development version, but they have still used the extra salt. It was 56 bytes long, effectively cutting the passwords to 16 bytes, because bcrypt truncates passwords at 72 bytes. I've fixed the issue before they have released the code and made PrestaShop more secure just because they have disclosed the way they hash user passwords. Nevermind the BCryptSHA256 and encrypt keys, they were renamed in later revisions.
  • 24. Michal ŠpačekMichal Špaček www.michalspacek.czwww.michalspacek.cz @spazef0rze@spazef0rze It's ok to disclose. It's ok to disclose your password hashing policies, especially if you use slow “password hashes”. Users will love the site more, guaranteed. And if you do something nasty to users passwords, then fix it before it's too late and then disclose, your users will love you too. I've been there and done that. Don‘t forget to let me know so I can add you to my list of sites and their hashing policies.