|Pathologically Eclectic Rubbish Lister|
Re: Best way to hide passwords.by tadman (Prior)
|on Mar 06, 2001 at 04:30 UTC||Need Help??|
If you're using a '.htpasswd' style system, use MD5 crypt instead of DES. MD5 is much harder to crack than the simple DES encryption used by default, and it's perfectly compatible, at least when it comes to using Perl and crypt(). More on that in a second.
If you are storing passwords on your system, you want to ensure that even if the file should fall into the wrong hands, there is no easy way into your system. This is effected by having the passwords stored encrypted, just like they are in the UNIX '/etc/passwd' file (or, '/etc/shadow' which is more common these days). Since the passwords are sent via HTTP or a cookie, or some other mechanism in a non-encrypted way (even over "encrypted" SSL, they are decrypted into plain-text by the server for authentication), the encrypted passwords are no use since you still don't know the password to gain access.
As distributed.net proved, DES encryption is quite flimsy and hardly provides any security at all. You should use MD5 instead, which is a much more robust algorithm.
The trick to using MD5 instead of DES is in how you supply the "salt" to the crypt() function. If you follow the docs, you would supply two random letters. For MD5, you use eight, which allows for more variations when it is stored encrypted, which translates into better security.
Here's a standard-issue MD5 salt generator:
It is used just like always:
So you get passwords that are encrypted like:
Which are, incidentally, all the same password ('shjdajksds') with different "salt".
If you are using a database, such as MySQL, you could use the built-in PASSWORD() function which does the encryption for you. Or, you could use your own. It depends on the security of your application.
What you should not ever do is store passwords as plain-text. So, yes, encrypt the passwords in the file, but don't bother encrypting the whole file.