programming and human factors
by Jeff Atwood
In my previous post I Just Logged In As You, I disclosed that someone was logging in as me -- specifically because they discovered my password. But how?
If I wanted to discover someone's password, I can think of a few ways:
So which of these methods did this person use to obtain my password? None of them.
It wasn't a guess and it wasn't brute force.I guess I can tell you, so you don't fall into this trap again. There's a site I help out with that doesn't salt their passwords. They're MD5 encrypted, but if you've got a dictionary password, it's very easy to use a reverse-MD5 site to get the original. I was able to figure out you were a user on the site some time back, and realized I could do this, if only I knew your openid provider...
(As an aside, I complained to the head of the site months ago that he ought to start salting passwords for this exact reason. I also run my passwords I need to be secure through a few reverse-hash websites, just to ensure that it's not stored somewhere.)
So, the unethical part was actually looking up this information in the first place. I apologize. But like I said, better than someone else getting into this data.
Hey, it looks like you're storing passwords incorrectly!
We have met the enemy, and he is.. programmers just like us. Seriously, go read that blog entry. It is exactly, exactly what just happened to me.
When I say programmers like us, I mean me, too. I acknowledge that I am also at fault here, for...
All of this is true, and I shoulder the blame for that. Perhaps I should take my own advice. A moment of weakness, I suppose.
The important thing to take away from this, if you're a programmer working on an application that stores user credentials, is to get the hell out of the business of storing user credentials! As we've seen today, the world is full of stupid users like me who do incredibly stupid things. Are you equipped and willing do everything necessary to protect idiots like me from myself? That's a key part of the promise of OpenID, and one of the reasons we chose it as the authentication system for Stack Overflow. As one commenter noted on Reddit:
I, for one, think that my OpenID provider is more secure than the average guy running a forum.
Exactly. We outsourced our user credential system to people who are much better at it than us (well, depending on which OpenID provider you pick). And also because we didn't think the world needed yet another username and password. You're welcome. I think.
So, what have we learned?
GOTO 1
(Oh, and credit to Malte, the first commenter to correctly identify what the likely password vulnerability was -- less than an hour after the entry was posted!)
Oh - and I don't bother with standard algorithms. I like customising them a bit
Yeah me too. I have finally settled on a modified SHA-256 that generates only 6 unique different hashcodes like ... ever. Very handy indeed, because it makes it so much easier to grep for my password hashes, and also to log onto my systems once I forget the password.
As for customer support: they have the following list of words that exhaust the hash domain in terms of possible hashes, making it so much easier to help users recover lost passwords:
bunny
idiot
zelot
obfuscation
broken
random
Fun fact: 'orange' is a hash collision with 'broken', as well as 'pita' or 'painful'
Seth on May 7, 2009 4:39 AMis some form of standard in security protocols among OpenID providers,
er.. like .. https and ssl? which.. already exists? and many OpenID providers support? Verisign also offers two-factor auth via a keyfob for their OpenID accounts.
OpenID means you get to pick how much security you need. Just like your wallet contains multiple forms of identity of varying levels, so should your online presence..
Jeff Atwood on May 7, 2009 5:13 AMmd5generator.com uses server-side processing to generate the hash, so unless you trust them completely, you should probably use a client-side MD5 generator page like http://www.xs4all.nl/~jlpoutre/BoT/Javascript/Utils/md5_hashing.html or http://www.webtoolkit.info/demo/javascript/md5/demo.html (both of these generate on the fly, and give the same results).
l0b0 on May 7, 2009 5:30 AMìOpenID means you get to pick how much security you need. Just like your wallet contains multiple forms of identity of varying levels, so should your online presence..î
I think the issue I have with the argument for OpenID in this post is that on one hand it will protect idiots from themselves, and by idiots you mean people who use the same password for all logins. But then as soon as security is mentioned all the work is put onto the user to ensure they choose the right level of security, which they can only do my carefully researching a lot of technical details about each provider, and I just donít see the idiots of the world doing that. So we have a system that will only benefit the non-idiots who donít really need it.
The anon email started out with I found what one could call a security hole in Stackoverflow.
After reading the follow up post, I don't see how this statement is true in the context of Stackoverflow being a website and it (the website) having a security hole. As anyone that follows this kind of topic, we all know that people are the weakest link in any decent security plan. The above statement is misleading and I think has led to the letdown or anti-climatic feeling some have expressed.
AC on May 7, 2009 5:33 AMìYou use email, yes? Better hope they do passwords right!î
Iím still not sure Iím getting the point about email. The argument seems to be that because there is already a global vulnerability in the form of emails, we might as well introduce another one in the form of OpenID.
I have lots of different passwords, but an attacker can bypass this by hacking my email account and requesting password resets for all my accounts. So I get an OpenID account with just one password and now an attacker can get access to all my accounts via email _or_ via my OpenID password. It seems Iíve now go two weak links where I had one ñ with the added disadvantage that now an attacker getting access via my email can reset all my passwords in a single go.
So what am I missing here?
Steve W on May 7, 2009 5:41 AMSorry to reply again, but I just had to find a web page with an embedded MD5 generator (and *only* that) that I could save to disk and check the code, so I could be sure that nobody would be able to snap up my password. Without further ado: http://www.java2s.com/Code/JavaScript/Security/MD5HashinginJavaScript.htm (copy and paste the HTML to a separate file, obviously).
l0b0 on May 7, 2009 6:02 AMThis reminded me of my blog entry from 2005, Password Authentication Without Revealing Your Password, at: http://blog.asgeirnilsen.com/2005/11/password-authentication-without.html
If you include some Javascript in the login page, all passwords will be SHA256 hmac protected, keyed with user ID, before leaving the browser.
See a working demonstration here: http://asgeirnilsen.com/hmac-password-login.html
I have also extended this scheme to challenge-response with an expiring challenge, or keying the password one more time with for instance the client IP address.
Asgeir S. Nilsen on May 7, 2009 7:27 AMDoes supergenpass make sites much more secure to a rainbow table approach? It seems to me that now the crackers need n*m rainbow tables where n is the number of password munging tools and m is the number of domains they want to crack. As the number of password munging tools seems quite low and the crackers are only going to be looking at one website at a time to try and find passwords this doesn't increase the search space by so much - just some extra time will need to be expended to generate a table for each website.
dan on May 7, 2009 7:39 AMAnonymouse is correct -- that wasn't that much of a problem of not-salted password.
It was a problem of trusting database with passwords to the programmer who was willing to hack it and use hacked password.
On the other hand -- the hacker-programmer didn't really use it to make harm, so I wouldn't blame him for that too much.
Besides, the hacker couldn't really use that stolen password to harm Jeff, because otherwise he would be under serious risk of being identified (from login logs) and prosecuted.
Hacking into someone machine is a felony in the US.
The only Jeff's mistake was that he kept important password the same as unimportant password.
Web site that used not very reliable helper is ok with saltless encryption. Of course, salting passwords would be better (I salt passwords on my web site using ASP.NET Membership provider), but even without salt encryption is doing good enough job.
I didn't read all of the comments here but I have to say that salting is so effortless. With most frameworks, authentication is generally taken care of. The password hashing scheme and salt are always found in a good framework.
As for passwords, I use SuperGenPass. While it does not support non-alphanumeric characters, it does a good job at being random and always working. The bigger problem I find is the security questions that are used for changing the password of accounts and also maintain a secure centralized email account.
Ryan Rampersad on May 7, 2009 8:49 AMHey Jeff let me write your next blog post for you.
Why isn't everyone using PasswordSafe yet?
It dpes what it sounds like. You keep a list of passwords and password protect that with a master passphrase (the safe combination).
If it sounds risky, it's not. Hear me out.
PasswordSafe is open source, so the hundreds of eyeballs thing is going on. It uses real security to protect your data; SHA-256 and the Twofish algorithm. The underlying implementation is quite good and even offers some future proofing (in case CPUs get faster).
It runs beautifully on Windows and pretty well on UNIX-like systems. On Windows it's reasonably paranoid, the safe locks (requiring you to re-enter your combination) if you haven't used it in a few minutes (tunable) or if your screensaver kicks on (also tunable).
The best part of storing your passwords in PasswordSafe is that you don't need to bother remembering them anymore. It can, invisibly, stick your password into your paste buffer so human eyes never see it. What this means is you can start using unique, absurdly long, randomly generated passwords for each web site. And with the new AutoType feature, you can configure PasswordSafe to automatically log you into your web sites at the push of a button.
It's secure AND in my case it was MORE convenient.
Michael Bacarella on May 7, 2009 9:03 AMKnowing the salt and having the hash lets you do a dictionary attack on your own machine(s), so you don't need to use a MD5 database.
???? What? You're describing pure brute force, and presumably you have all the time in the world.
While Jeff makes big Hay about the fact that the password wasn't salted, the #1 -- by ***far*** -- security vulnerability was the reuse of passwords across sites.
So what if the site SHA512 triple hashed it with a standard prefix and a suffixed nonce. Would Jeff have been safe?
Of course not. We're talking about insiders at this site, and anyone could just as easily log away passwords during authentication (even targeting specific individuals). Unless you trust every individual at every site that you share passwords at (which would be pretty foolhardy), you are putting yourself at risk.
Don't share passwords across sites. It's as simple as that.
Dennis Forbes on May 7, 2009 9:30 AMWhat's the phrase I am looking for?
Oh yes,
All your passwords are belong to us
timj on May 7, 2009 9:48 AMCant wait for a keypoint site, because a codinghorror is already useless
Raphael on May 7, 2009 9:52 AMer.. like .. https and ssl? which.. already exists? and many OpenID providers support? Verisign also offers two-factor auth via a keyfob for their OpenID accounts.
Maybe I wasn't clear enough - my worries deal with the security of the OpenID providers, not the network protocols or the authentication mechanism. I'm concerned about an OpenID provider allowing script tags in the user profile - no comment on that part?
If everyone gave OpenID providers their logins, they'd need to become a virtual Fort Knox - as they'd become the target of every black hat script kiddie on the planet. The way security is handled by at least some providers is scary. What I call for is a common set of protocols audit procedures to keep the providers as secure as possible (serious protocols that is, the site I mention has that stupid McAfee Secure tested logo on it, jeez!) . Until that happens, I'm not about to give anyone the keys to ALL my kingdoms and wait for the day when they make the front page of all the tech rags.
I won't even go into the usability of the current implementations - if you try to use your Yahoo! OpenID on another site, you're greeted by a doom-and-gloom message: Warning: This website has not confirmed its identity with Yahoo! and might be fraudulent. Do not share any personal information with this website unless you are certain it is legitimate. To the average user, this would be enough to close the page and forget about OpenID.
Then, there is: When you leave this page, you will be sent to openid.blah.net - a website not owned, operated, or controlled by Yahoo!. You must sign out of openid.blah.net and Yahoo! to completely be signed out of both sites. I wonder, again, how clear this is to the average user.
I completely agree with Obasanjo's Why This Will Never Happen part of his post on OpenID...
Mike on May 7, 2009 9:53 AMDoes it really matter if it's a dictionary password in reality or not? He could figure it out and that should be enough. Why Not Use Something Easy = WNTUSE as a password? Or something similar? This way you can have a different password for every site, just change the ending...
Bumhunter on May 7, 2009 10:02 AMI believe that there is something else to remark upon.
Jeff made a bit of a mess-up, and someone was polite enough to tell him of an exposure instead of exploiting it. Bully for them.
Also, there's a recent bit of writing on the topic of crowds or groups of people like a similar goal. The notion is that the group has more experience, or knowledge, or ability, than any individual in the group; the trick is to use it. In this case, we see that dynamic in play:
(1) Person #1 has visibility, and person #2 notices a vulnerability of a password.
(2) By the choices of person #2, to write a very-polite email (dude! dictionary lookup!), the problem is resolved and all nearby persons engage in rather helpful discussion.
The group just got smarter, or at least, a bit more well-informed.
Thanks, Jeff and also anonymous-good-Joe.
Jeff Bowles on May 7, 2009 11:29 AMMalte wrote the following: The most likely cause was that you used it on his site and he is logging passwords or saving them un-hashed.. Jeff, the problem also lies in the security of your website. You never should have allowed OpenID accounts te be used for accounts with more rights, thus a seperate account for tasks with power.
Sebazzzz on May 7, 2009 11:46 AMThe real problem lies in so many trivial sites demanding registration and logins.
I'm looking at you Joel Spolsky.
Fed... up on May 8, 2009 2:07 AMI'm confused by that Omar ra By rd (MMM) site. Is it for real, an advertisement for advertising services, or just a clever parody that my sleep-fogged brain cannot penetrate?
If it is not satire already, it is certainly ripe for the picking by satirist and/or educator.
JN on May 8, 2009 2:43 AM@Michael C. Neel
Micheal, I disagree, the attacks presented on that site are no different then phishing attacks you can pull on almost any login system anywhere.
I also think it is a bit out of date, because, correct me if I am wrong here, I believe OpenId logins will piggyback on previously logged in session (via cookies I am assuming).
Just Stopped In on May 8, 2009 3:35 AMI worked for a Law firm last year, and everyone in the company has the same password for their CMS system. No one knows what it is other than some people in IT support and the handfull of developers they have there, as everyone logs in automatically using their windows username. The worst thing is, is this password is hardcoded into many applications they use, and there is some real confidential info stored in there. I was thinking of exposing them, but I know it would cause them too many problems at the moment, and it's not like it can be fixed anytime soon. The password has been the same for over 10 years!... All I can say is.. I'm glad I'm not responsible for that choice!
NP on May 8, 2009 4:35 AMWorlds most cryptographically cool salt:
035036503530
deepur on May 8, 2009 5:59 AMRegis, I don't think you understand, a good password salting prevents these MD5 reverse lookups on weak passwords. You can't factor the salt out of a hash and then do a reverse look up.
MD5('password123') = hash that can be looked up
MD5('password123' + 'floobardriver3k') = not so much
Stephen A. Goss on May 8, 2009 11:56 AMThe social aspect of reusing the same password seems more a culprit here that the fact that it was revealed due to a weak implementation technique.
The best strategy here would be to try a variation of a base password for various sites strictly never to reuse any aspect of a critical site password (say online banking password) with a trivial website/forum password.
And as NMONNET rightly puts it - sometimes some brain-dead websites will force you to stick to a specific password length forcing you bypass your scheme.
10: Programmers are the enemy.
20: Hey .. wait a second, I'm a programmer!
30: GOTO 1
Damn punk kid doesn't know about BASIC RENUMBER.......
Richard C Haven on May 8, 2009 1:00 PMWhat is so magical about salting before running MD5? Any employee with access to the source code knows your salt and can therefore perform the same attack.
Regis on May 8, 2009 1:06 PMìI disagree, the attacks presented on that site are no different then phishing attacks you can pull on almost any login system anywhere.î
Except for the obvious point that if you are phished on any login system youíve only lost that login (as long as you donít use the same password on all sites.), whereas if your OpenID login is phished youíve lost all your logins.
Plus, I would say that as OpenID is already confusing for the average user, they are less likely to notice anything unusual in the phishing attempt.
Regis, salting is not magic (just like adding salt to your food) and if you do it wrong, you will not gain any extra security.
If you add a different salt to each password (which you should) before hashing it then users with the same password will have different hashes. This means that an attacker would need to build a whole rainbow table for each different stored salt which makes rainbow tables no quicker than normal brute-force. Even before rainbow tables were invented, it was still possible to attack multiple stored hashes at once with each computed hash during the brute-force run unless they each had a different salt applied to them. With different salt applied to each password, only one password at a time could be brute-forced.
Many developers understand that they should use salt but they hard-code it into their application and apply the same salt to every password. This will mean that an attacker would have to create a new rainbow table for the list of hashes but the same table would work for all of them, not just one. Some developers do even worse and add the salt after the hashing has been done which is trivial to remove and means that any old rainbow table will work, not just one specifically designed for these hashes.
Of course, some do even worse and simply store plain-text passwords in their database. This is far more common than it should be. For instance, I recently clicked the Forgot password button on http://www.searchsecurity.com and they emailed it to me. Sure, they randomly generated a 25 character password with upper and lower case letters and numbers for me when I signed up but then they stored it in plain text in their database and emailed it to me whenever anybody asks.
...and these guys want to give me advice on security!
Jeff, I love the phrase hand salting your passwords. It makes security sound more and more like cooking. :-)
David Keech on May 9, 2009 4:58 AMThe best strategy here would be to try a variation of a base password for various sites strictly never to reuse any aspect of a critical site password (say online banking password) with a trivial website/forum password.
So, basically you're hand salting your passwords .. :)
Jeff Atwood on May 9, 2009 1:31 PM 1. Programmers are the enemy.
2. Hey .. wait a second, I'm a programmer!
3. EXIT 0
...to not waste brain/cpu time
Alessandro on May 10, 2009 3:23 AMAgain, from my comment above:
How would salted passwords have helped here?
Jonas on May 10, 2009 12:16 PMWhich blog post revealed your OpenId provider and how did he find it? I looked through some of your old posts and it didn't jump out at me.
chad on May 12, 2009 5:21 AMI use 8-digit random numbers now for both my user name and my password, different for every site, and I write them down in a Moleskine. I photocopy that every three months or so and store it offsite. I use fake birthdates and zip codes, and for backup security questions I make them up (What is your mother's maiden name? 83293422) and write them in my Moleskine.
I suppose I should use 32-digit hex numbers, but I'd have to give up the Moleskine.
When I travel (which I rarely do) I take the Moleskin and keep it constantly on my person. If I travelled a lot I might not want to use this password technique, since I'd be afraid of losing the Moleskine.
Jumbo on May 12, 2009 11:19 AMI like the Moleskine approach, maybe I'll hide my passwords in some stylish drawings :).
Csaba K. on May 14, 2009 2:08 AMHi, guys, my husband changed about a year ago, he just seemed to go cold and unloving and I didn't know why. I suspected that he may be having an affair and after hiring a href=http://www.activehackers.com/http://www.activehackers.com//a,">http://www.activehackers.com//a,">http://www.activehackers.com/http://www.activehackers.com//a, I discovered that he was cheating on me with a woman from his work. They had been renting motels and using them during lunch times. I'm not the smartest person in the world but to a href=http://www.activehackers.com/hacking hotmail passwords/a, if I can do it using the information a href=http://www.activehackers.com/how-to-hack-into-hotmail-accounts-password-for-100.phphacking hotmail passwords/a from ActiveHackers.com, anyone can!brbr
a href=http://www.rayahari.com/hack-Facebook-passwords.phpcrack facebook password/a - a href=http://www.milanorosa.com/how-to-hack-into-yahoo-hack-someones-yahoo.phphow to hack into yahoo/abrbr
a href=http://www.cheapcrack.net/where can i find a program to hack yahoo/a - a href=http://www.beahacker.info/best free way to hack hotmail password/abrbr
-- Mary T, Glendale, AZ
a href=http://www.activehackers.com/http://www.activehackers.com//a">http://www.activehackers.com//a">http://www.activehackers.com/http://www.activehackers.com//a is great hacking service! Thanks to RayaHari.com for giving me the hotmail password. I will use a href=http://www.activehackers.com/hacking hotmail passwords/a hacking service again. These guys are fast, professional, and trustworthy! My order was ready within 2 days of request, and I received the my husband's email account password an hour after sending my Paypal payment! Thank you Thank you! WOW fast and efficient. VERY impressed with a href=http://www.activehackers.com/how-to-hack-into-hotmail-accounts-password-for-100.phphacking passwords hotmail/a service,I hope that I will have to use RayaHari.com but it is good to know it is availablebrbr
a href=http://www.rayahari.com/hack-Facebook-passwords.phphack into facebook account /a - a href=http://www.milanorosa.com/how-to-hack-into-yahoo-hack-someones-yahoo.phphack into yahoo/abrbra href=http://www.cheapcrack.net/where can i find a program to hack yahoo/a - a href=http://www.beahacker.info/best free way to hack hotmail password/abrbr
Paula Robinson, New Yorkbrbr
US
https://addons.mozilla.org/en-US/firefox/addon/3282
Probably the best idea I've ever seen, wish it was built into browsers...
Salt the password in the form as well:
wel login example - http://blog.xeneco.co.uk/?p=10
Chris on May 28, 2009 3:17 AMWould it be a good idea to MD5 a users password, then use that hash as a salt (+ original password) to generate the final hash?
hash = MD5(MD5(password) + password);
Something like that?
Ives van der Flaas on May 30, 2009 3:47 AMchanged about a year ago, he just seemed to go cold and unloving and I didn't know why. I suspected that he may be having an affair and after hir
links of london on August 26, 2009 3:04 AMAbercrombie & Fitch on Sale, Hoodies, Jeans, T-Shirts, Pants, Polos abercrombie and fitch abercrombie fitch abercrombie cheap abercrombie fitch Abercrombie Men Tee abercrombie womens polos Abercrombie & Fitch Men, women, and children's clothing
abercrombie and fitch on August 28, 2009 2:39 AMWe all know what happens to women who wear the famed red lacquered sole shoes. They are instantly filled with a wicked sense of sexy self and fall hopelessly in love with its creator: the great shoe designer Christian Louboutin. Christian Louboutin’s fascination for women’s footwear began as a child growing up in Paris, where he discovered the world of high fashion and glamour in the city’s nightlife. His early passion for dancing and showgirls inspired him to incorporate elements of costume into everyday designs. This whimsical and seductive union makes for utterly unmistakable and irreplaceable designs. He passed through the iconic fashion houses of Charles Jourdan and Roger Vivier before opening his flagship boutique in Paris in 1992, marking the birth of the Christian Louboutin brand. His be-jewelled heels have become the most coveted accessory on high-profile glamour girls all over the world. "Shoes are more than just an accessory; they are an extension of a woman.
http://www.christianlouboutins.de
http://www.christianlouboutins.de/christian-louboutin-pumps-c-12.html
http://www.christianlouboutins.de/christian-louboutin-sandals-c-13.html
http://www.christianlouboutins.de/christian-louboutin-boots-c-14.html
This means that an attacker would need to build a whole rainbow table for each different stored salt which makes rainbow tables no quicker than normal brute-force. Even before rainbow tables were invented, it was still possible to attack multiple stored hashes at once with each computed hash during the brute-force run unless they each had a different salt applied to them.
yazgülü on September 8, 2009 4:52 AMIt was a very nice idea! Just wanna say thank you for the information you have shared. Just continue writing this kind of post. I will be your loyal reader. Thanks again.
Wow gold on September 29, 2009 12:52 PMThis article has prompted me to do a serious password audit. My password system has, for years, been truly idiotic. Thank you.
Jules on October 10, 2009 11:44 AMI like the Moleskine approach, maybe I'll hide my passwords in some stylish drawings
Kadın Olmak on October 13, 2009 1:40 PMVery cool! Congrats on the pairing.
ed hardy clothing on October 22, 2009 9:11 AMThanks for your information, i have read it, very good!
Very cool! Congrats on the pairing.
street lamps on October 24, 2009 2:47 AMI like the Moleskine approach, maybe I'll hide my passwords in some stylish drawings
kadinca on November 1, 2009 4:40 AMyou are right.While I can't rule out paranoid fantasies of keyloggers, if my machine was so thoroughly 0wnz0red, I think my OpenID password would have been the least of my worries at that point.
Educated guess is wrong.I won't believe you.
valves manufacturer on November 4, 2009 10:22 AMAfter two separate accounts of me having to explain prolonged downtime to a customer with a lot of tech-ramble, but really it was me having locked myself out of my remote server (and no 24/7 support...) one ponders if more structured password management should be implemented....
hmmm...this was not a comment, I just realized...ehhh...great read!
mrVrakPant on November 15, 2009 6:04 AMI guess you're not going to tell us what the password was then. You have changed it already, right?
Anon on February 6, 2010 11:16 PMIts joshua, right? Just admit it. Its ok, many of us grew up with Wargames too.
Denton Gentry on February 6, 2010 11:16 PM@der4444 nice that we've got criminals along for the ride here. *sigh*
Anon on February 6, 2010 11:16 PM@Matt (and others with similar rules) you will get 0wn3d
Anon on February 6, 2010 11:16 PM@Whaledawg said but I use KeePass portable
Cool tool...I've been using Password Minder ( a href=http://alt.pluralsight.com/tools.aspxhttp://alt.pluralsight.com/tools.aspx/a">http://alt.pluralsight.com/tools.aspx/a">http://alt.pluralsight.com/tools.aspxhttp://alt.pluralsight.com/tools.aspx/a ) for a long time, if anyone wants to try it out.
Jason on February 6, 2010 11:16 PMWhoa...I forgot to type a name, and it seems that the try again page had already escaped the URL...I didn't even notice on that page.
URL again: http://alt.pluralsight.com/tools.aspx
Jason on February 6, 2010 11:16 PMYou're taking the wrong lessons from this. It's not they're storing their passwords wrong and you should use a passphrase not a password although I'm sure they're both true.
The correct lesson is you can't trust more than one website with the same password because you don't know up front how it will be treated.
In this case they'd made some (inadequate) efforts to do the right thing, but were subverted by an employee doing something they weren't supposed to. This could happen in a lot of places even where passwords are stored securely. For example, are their procedures in place to stop a developer inserting code to write passwords to a second secret location as well as in the main DB?
So now you have to worry not only about their information architecture, but also their code review and deployment procedures and their skill in recruiting ethical people.
Bottom line is, that while this hack was made easier by your weak password and their weak hash, in absolute terms it was made possible by your re-used passwords.
Not that I ever re-use passwords of course, don't think that for a second ;-)
Gareth Simpson on February 6, 2010 11:16 PMOh jesus, and after all that, this so-called hacker blames the fact that the passwords weren't salted, as opposed to the fact that they were stored as MD5 hashes.
For the love of all that is holy, bcrypt it.
Aaron G on February 6, 2010 11:16 PMSyd:
The reason salt is relevant is that it protects you from simple reverse MD5 lookups. If your password is password, and there's no salt, the MD5 hash is 5f4dcc3b5aa765d61d8327deb882cf99 - there are plenty of sites on the Internet which will tell you that 5f4dcc3b5aa765d61d8327deb882cf99 is the hash of password.
If, on the other hand, I use salt, it's harder. I can tell you that the salt is SNJC6QAf7qA and it's prepended before hashing, but none of the sites that can reverse 5f4dcc3b5aa765d61d8327deb882cf99 know that fc76e940eda4fef064882c86d294c46e is the hash of SNJC6QAf7qApassword.
To prove my point, if I tell you that my password's MD5 hash is 8efe310f9ab3efeae8d410a8e0166eb2, you can look it up at http://md5.gromweb.com/ If I tell you that I salt it with just SN, prepended, and the resulting hash is d2e71c78475b829052a5ec78dbfeeae6, you can't look it up.
Simon Farnsworth on February 6, 2010 11:16 PMI use dictionary based but obscurified passwords based on the provider, so that I have a half chance of memorising them eventually, and for a while stored them in an encrypted PDF on a flash drive.
Have just discovered truecrypt so now that is a text file on an encrypted partition, so that copy and paste works more easily. And obviously I have a 24 digit non-dictionary-based password to the partition itself!
It may not be as convenient as other password managers, but it does give me the incentive to eventually memorise them, so that when I am lost in the wilderness with only an internet cafe I can still log into my VPN and print a HELP message on my machine at home (and then check my google reader feeds while I wait for my rescuers...)
Anon on February 6, 2010 11:16 PMThankyou Jeff.
While the method of finding a password that caught you is one that has always been floating in the mist at the back of my mind (having poorly implemented a number of password systems in my junior days), your situation has finally highlighted the severity of the problem.
I am currently in the process of reviewing and resetting every one of my 50+ login passwords. My entire approach to personal password management is now changed.
Thankyou.
Jason Snelders on February 6, 2010 11:16 PMI agree we need better laws as this will stop it in the first place from happening. http://www.buzzle.com/articles/reverse-cell-phone-number-lookup-paid-or-free-cell-lookup.html
Mervin Donnelly on December 9, 2010 1:25 PMThe comments to this entry are closed.
Subscribe in a reader
Subscribe via email
|
|
Traffic Stats |