MyBB Community Forums

Full Version: PHP Best password encryption!!
MD5 and SHA1 haven't been cracked. O.o
I think MyBB should add a key to append to the encryption. The key should be in config file. This way an SQL dump would be worthless without the key.

Be more like this:

salt_password(md5($password . $config['passkey']), $user['salt']) == $user['password']

Just adds a layer. Key could be a minimum of 20 characters.
(2011-09-24, 10:10 PM)labrocca Wrote: [ -> ]I think MyBB should add a key to append to the encryption. The key should be in config file. This way an SQL dump would be worthless without the key.

Be more like this:

salt_password(md5($password . $config['passkey']), $user['salt']) == $user['password']

Just adds a layer. Key could be a minimum of 20 characters.

+1
I have always wondered why MyBB doesn't. The value could simply be inputted during the install process, and if the field is left blank it is auto-generated. Might it be a good idea to code that in for 1.6.5? You would need to force all users to reset their passwords though (to account for any upgraded boards).
(2011-09-24, 06:55 PM)TheGarfield Wrote: [ -> ]
$password = md5($password);
$password = sha1($password);
$password = hash("sha512", $password);

All of those deserve 0/5 points if you don't use salt.
Care to tell me how you decrypt md5 or sha1 hashes?
Bad wording. The correct terminology would be "Matching the hashes against a database of machine generated strings and their corresponding hashes".
It's not a matter of bad wording. The entire thread would be full of bad wording then. I think people are confusing encryption/decryption with hashing - the concepts themselves.
MD5 collisions have been around forever: http://en.wikipedia.org/wiki/MD5#Collisi...rabilities

Rainbow tables make sha1 and md5 trivial.

Again, bcrypt() is almost always the best solution. You can set the difficulty of encryption which will make the hashes take varying amounts of time.
@Pirata:

And with colliding vs. decrypting. Colliding isn't decrypting, it's just finding a password that produces the same hash. MD5 has been collided, but to my knowledge no MD5 hash has ever been "decrypted". (Not even sure what that would mean, since it was never encrypted to start with.)

The problem - as everyone in security is saying - is that given a massively-parallel computer, you can "crack" a password by brute-force in minutes. Using bcrypt to slow the process down would prevent that. Will it slow down logging in? Sure. Your 3 second login (due to the fact that you're 9,000 miles from the server and it's a Sunday evening) will now take 3.001 seconds. But the supercluster down the block from the server is restricted to only 1,000 passwords/second - a massive problem for the cracker.

(And that's only for passwords. As Gravitar says, for email addresses it's a non-problem. Finding a string that hashes to the same hash as my email address won't give you my email address.)

I don't think we have to worry about someone cracking an entire MyBB password database. Isn't there something in there that restricts you to 3 tries (settable by the admin, IIRC) before you get captcha? No computer cracking is going to crack a password in a reasonable amount of time with that "little" speed bump in the way. And even if it does get my admin password in 87 years, I won't be worrying about it.
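Added example, not part of the thread and not MyBB code: the config-file key and the bcrypt work factor discussed above, combined in PHP, with existing salted-MD5 rows upgraded at the next successful login. `legacy_hash()` is an assumed stand-in for the board's current scheme, the function names are hypothetical, and the key, salt and password are constructed values.

```php
<?php
// Added example; all names are assumptions, not MyBB code.
// Constructed key; in practice it lives in a config file, never in the database.
$config = ['passkey' => 'constructed-example-pepper-0123456789'];

// Stand-in for the board's existing salted-MD5 scheme (assumed shape).
function legacy_hash(string $password, string $salt): string {
    return md5(md5($salt) . md5($password));
}

// Key the password with HMAC before bcrypt. The hex output is 64 bytes, so it
// stays under bcrypt's 72-byte input limit and contains no NUL bytes.
function peppered(string $password, string $pepper): string {
    return hash_hmac('sha256', $password, $pepper);
}

function hash_new(string $password, string $pepper, int $cost = 12): string {
    return password_hash(peppered($password, $pepper), PASSWORD_BCRYPT, ['cost' => $cost]);
}

// Returns [bool $ok, ?string $replacement]. A non-null replacement means the
// caller should store it in place of the old hash.
function check_login(string $password, array $user, string $pepper): array {
    $stored = $user['password'];
    if (preg_match('/^[0-9a-f]{32}$/', $stored)) {   // legacy MD5 row
        $ok = hash_equals($stored, legacy_hash($password, $user['salt']));
        return [$ok, $ok ? hash_new($password, $pepper) : null];
    }
    $ok = password_verify(peppered($password, $pepper), $stored);
    $stale = $ok && password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => 12]);
    return [$ok, $stale ? hash_new($password, $pepper) : null];
}

// Constructed user row as it would sit in an old database.
$user = ['salt' => 'a1B2c3D4', 'password' => legacy_hash('correct horse', 'a1B2c3D4')];
[$ok, $new] = check_login('correct horse', $user, $config['passkey']);
var_dump($ok);                 // legacy row checked with the old scheme
$user['password'] = $new;      // row upgraded to keyed bcrypt on login

var_dump(check_login('correct horse', $user, $config['passkey'])[0]); // with the key
var_dump(check_login('correct horse', $user, 'wrong-key')[0]);        // dump without the key

// The cost is the work factor: each +1 doubles the time per guess.
foreach ([8, 10, 12] as $cost) {
    $t = microtime(true);
    hash_new('x', $config['passkey'], $cost);
    printf("cost %d: %.1f ms\n", $cost, (microtime(true) - $t) * 1000);
}
```

The timing loop at the end shows the trade-off raised in the thread: a login pays the cost once, while an offline guesser pays it for every candidate password.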