
What's the point of encrypting passwords?

  • 15-02-2011 11:25am
    #1
    Registered Users, Registered Users 2 Posts: 1,657 ✭✭✭


    I'm working on a wordpress based website and the admin wanted access to all the user passwords so if a user wanted a reminder he could... Anyway I explained to the guy that passwords are encrypted so there's no way of looking at them, only resetting them. He was a bit annoyed with this, but it got me thinking:

    What's the point of encrypting the passwords? I realise that if someone could get access to the database, they could get them all. But if someone could get access to the database, it's too late, you're already screwed - they could wreak havoc without ever even looking for passwords.

    Sort of like a bike shop with the keys in a safe...


Comments

  • Registered Users, Registered Users 2 Posts: 11,985 ✭✭✭✭Giblet


    Someone could do a table dump and read the data, doesn't mean they're gonna drop the tables. Imagine being able to cross reference all of those passwords with a user's email, and get into the user's other private data, such as email or facebook? And they should be encrypted so you don't look at them either.


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    Well password encryption is important especially when it's one-way encryption; by far the most used method of password encryption.

    In most web-based systems (such as boards.ie) the encryption is one way. When I type in my password "Bajingos!", this is encrypted in such a way as to create a "hash", which is a long string of characters. This hash, if generated using sufficiently strong encryption and using other methods such as salting and so forth, cannot be used to reverse-engineer my password.

    The database stores the hash, not the password. So theoretically if someone gets access to the database, they don't have anyone's password, only the hash. In order to validate my logon, the script hashes the password I've entered and compares this to the hash in the database. If they match, I get in. If the hashing method is strong enough and my password is sufficiently complex it's practically impossible for someone to type in anything except "Bajingos!" and have the same hash generated.

    In reality there's no such thing as an unbreakable password and perfect encryption. Computer security is a "running to stand still" exercise and encryption and hashing methods are continually being updated and refined as computers get more and more powerful.
    The ultimate aim is to make the decryption process extremely difficult and time-consuming such that it's a lot of work for very little gain.

    Storing passwords in plain text or weakly hashed opens your users to risks - an unscrupulous database or system admin could retrieve the information and use it for their own ends or sell it to spammers. The email address + password combination is very valuable as most people use the same combination across all sites.
    Some attacks can also cause a system to dump its database contents to the screen without explicit access to the database. If the passwords are plaintext or weakly hashed, there is no more work to do for the hacker.

    It's kind of like storing your keys in a safe, but where the keys themselves also have a 4-digit PIN in order to use them.

    If you are ever on a site which emails you your actual password in plaintext, try and delete your account, or at least use a secondary email address and a password that you use nowhere else.


  • Closed Accounts Posts: 27,857 ✭✭✭✭Dave!


    seamus wrote: »
    Well password encryption is important especially when it's one-way encryption; by far the most used method of password encryption.

    In most web-based systems (such as boards.ie) the encryption is one way. When I type in my password "Bajingos!", this is encrypted in such a way as to create a "hash", which is a long string of characters. This hash, if generated using sufficiently strong encryption and using other methods such as salting and so forth, cannot be used to reverse-engineer my password.

    The database stores the hash, not the password. So theoretically if someone gets access to the database, they don't have anyone's password, only the hash. In order to validate my logon, the script hashes the password I've entered and compares this to the hash in the database. If they match, I get in. If the hashing method is strong enough and my password is sufficiently complex it's practically impossible for someone to type in anything except "Bajingos!" and have the same hash generated.

    In reality there's no such thing as an unbreakable password and perfect encryption. Computer security is a "running to stand still" exercise and encryption and hashing methods are continually being updated and refined as computers get more and more powerful.
    The ultimate aim is to make the decryption process extremely difficult and time-consuming such that it's a lot of work for very little gain.

    Storing passwords in plain text or weakly hashed opens your users to risks - an unscrupulous database or system admin could retrieve the information and use it for their own ends or sell it to spammers. The email address + password combination is very valuable as most people use the same combination across all sites.
    Some attacks can also cause a system to dump its database contents to the screen without explicit access to the database. If the passwords are plaintext or weakly hashed, there is no more work to do for the hacker.

    It's kind of like storing your keys in a safe, but where the keys themselves also have a 4-digit PIN in order to use them.

    If you are ever on a site which emails you your actual password in plaintext, try and delete your account, or at least use a secondary email address and a password that you use nowhere else.

    Yoink! Rookie mistake seamus!

    /off to hack seamus's life


  • Registered Users, Registered Users 2 Posts: 14,714 ✭✭✭✭Earthhorse


    There's a nice blog post over on codinghorror.com about the dangers of not encrypting passwords or even weakly encrypting them which reflects pretty much what seamus has said above (though the latter half of the article gets into a discussion about passports).


  • Registered Users, Registered Users 2 Posts: 5,246 ✭✭✭conor.hogan.2


    I had a site email me my password in plaintext several times and I emailed them to stop; they seemed to, but I still changed my password on that site as I am human, so I did use the same low-level password on several throwaway sites like it.


  • Registered Users, Registered Users 2 Posts: 8,004 ✭✭✭ironclaw


    Boards.ie (and other non-HTTPS sites) send your password in plaintext, so if you are on an open network, you can sniff it out of a packet. They only hash at the other end, so your password is sent in the clear.

    Also with regards to hashing, MD5 is fairly broken at this stage, with salting helping only somewhat (rainbow tables etc.).

    There are more reasons to encrypt than not encrypt, but passwords are only one step in keeping access controlled. You don't always need a password to go nuts (session stealing, privilege escalation and SQL injection to name a few). They are all just hurdles that talented people will overcome; it's only a matter of time.
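
An added example (not from any poster in this thread) illustrating both seamus's description above of storing and verifying a hash rather than the password, and ironclaw's point about salting versus precomputed tables. It uses PBKDF2 from Python's standard library; the record format and iteration count are my own choices, not anything boards.ie or vBulletin uses.

```python
import hashlib
import hmac
import os
from typing import Optional

# Work factor for PBKDF2-HMAC-SHA256; raise it as hardware gets faster.
ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a storable record 'pbkdf2_sha256$<iters>$<salt_hex>$<hash_hex>'.

    The database keeps this string, never the password itself.
    """
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Hash the submitted password the same way and compare it to the record.

    The salt and iteration count are read back from the record, and the
    comparison is constant-time so timing does not leak how many bytes match.
    """
    try:
        algo, iters, salt_hex, hash_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(dk.hex(), hash_hex)


def unsalted_md5(password: str) -> str:
    """The weak scheme the thread warns about: unsalted, fast, and identical
    for every user with the same password, so one precomputed table of
    common passwords cracks all of them at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    record = hash_password("Bajingos!")
    print(record)                                   # what the database stores
    print(verify_password("Bajingos!", record))     # True
    print(verify_password("bajingos!", record))     # False
    # Two users with the same password get different salted records ...
    print(hash_password("Bajingos!") != record)     # True
    # ... but identical unsalted MD5 digests.
    print(unsalted_md5("Bajingos!") == unsalted_md5("Bajingos!"))  # True
```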


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    ironclaw wrote: »
    privilege escalation and SQL injection
    To be fair, these two are things which are insanely easy to protect against in terms of websites, but are opened by programming mistakes more than anything else. As websites get larger, so too does the number of programmers likely to make such mistakes and leave holes open. MD5 is considered outdated at this stage, but will still be present in many websites because it's not considered a big enough problem to do a code review and will still be used by many programmers who are unaware of the inherent insecurity of it.

    You are right though, there are multiple avenues of attack and growing all the time. Username/password is often seen as the holy grail because presenting a valid username and password to a system will not trigger any security alerts, so usually most attacks are focussed on grabbing authentication credentials more so than other information.

    As I say above, systems security is an arms race with no end. A security professional will never declare any system "secure", rather "adequately secure for the moment". Intrusion detection and emergency procedures for security breaches are as important as securing the data in the first place, but lots of places forget this and simply focus on making the place secure.


  • Registered Users, Registered Users 2 Posts: 1,922 ✭✭✭fergalr


    seamus wrote: »
    In reality there's no such thing as an unbreakable password and perfect encryption.

    Well - as I'm sure you know - there are both, but they are in general too cumbersome for commercial use.

    There are systems out there that deploy them, though.
    http://en.wikipedia.org/wiki/One-time_pad#Historical_uses

    Very much agree with the spirit of what you say, though.
    seamus wrote: »
    Intrusion detection and emergency procedures for security breaches are as important as securing the data in the first place, but lots of places forget this and simply focus on making the place secure.

    Well, this depends, right?
    In some scenarios, intrusion detection and emergency procedures are pointless, so it makes sense to put all the focus on securing the data in the first place.


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    fergalr wrote: »
    Well, this depends, right?
    In some scenarios, intrusion detection and emergency procedures are pointless, so it makes sense to put all the focus on securing the data in the first place.
    Dunno. Obviously one size doesn't fit all, but it seems to me that all of the security systems in the world are useless if you're unable to detect when those systems have been compromised and prevent further intrusion.

    In many/most cases, a security setup comprises a suite of complementary systems and precautions which both makes access difficult but also alerts and locks down in the event that it's been compromised.

    In the specific case of websites though, from the developer's point of view they think, "secure, secure, secure" and forget that because they're working at such a low level, they also have to consider detection.


  • Closed Accounts Posts: 1,150 ✭✭✭Ross


    ironclaw wrote: »
    Boards.ie (and other non-HTTPS sites) send your password in plaintext, so if you are on an open network, you can sniff it out of a packet. They only hash at the other end, so your password is sent in the clear.
    Actually it's hashed before being sent across the wire in most cases (see vbulletin_md5.js) but you're right, having everything over SSL would be preferable.


  • Closed Accounts Posts: 537 ✭✭✭JonJoeDali


    Ross wrote: »
    Actually it's hashed before being sent across the wire in most cases (see vbulletin_md5.js) but you're right, having everything over SSL would be preferable.

    Indeed. There's also a challenge code sent each time you login, so the hash is never the same when being broadcast over the wire. It's pretty secure, even with md5.

