Password Storage Systems

Password Storage Basics

Systems storing user passwords should never store the passwords in plain text. Instead the password should be processed with a one way hashing function and store the results of said function in the password database. When a user later logs in the user supplied password is processed with the same one way hashing function and compared to the database of hashed passwords. This sounds a little strange but it builds a lot of resilience into your system. Think of this scenario if an attacker gains full access to your system they can then steal the password database and try using the passwords to log into even more of your systems. If the passwords are hashed using a strong algorithm the attackers cannot easily read user passwords.

Salting Hashed Passwords

Even if passwords are hashed an attacker could pre process a list of possible passwords and their associated hashes. These lists are often called rainbow tables and take a significant time to generate. The idea is that an attacker can reuse this list later without the time consuming step of generating hashed passwords on the fly. You can defend against this type of attack by combining a random string of text with each password before creating the hash. This string of random text is usually called a salt. If your password hashes included a salt the attacker must take the time consuming route of creating a new list using your specific salt. If each password hash has it's own unique salt the attacker must generate a list for every single passwords which would take a very long time.

Iterative Hashing

In addition to salting hashed passwords another way of further securing passwords is to perform iterative hashing. Rather than run the password though the hashing algorithm once the resulting hash is rerun though the algorithm in most cases thousands of times. An attacker must perform the same rehashing many many times. 

Common Hashing Algorithms

Bcrypt (high security) By design a salting and iterative hashing is included.

PBKDF2 (high security) By design salting and iterative hashing is included.

SHA2 (medium security) No salting or iterative hashing in the algorithm itself.

SHA1 (low security) This algorithm performs hashing at very high speeds. The downside is that attackers can also reverse the hash at these very high speeds reducing the security stored passwords. No salting or iterative hashing in the algorithm itself.

MD5 (low security) This algorithm contains some known bugs. Some software may only contain support for MD5 despite these known bugs. Still we discourage use of MD5 even with salting and iteration.