(For a glossary of terms look here)
Many people neglect security as a matter of course these days. But as we move towards a more data-driven economy, with everyday life increasingly linked to an online presence, we should be more aware of it than ever. Yet people are using the same passwords again and again across multiple sites, which makes them vulnerable to abuse.
Passwords were traditionally considered a safe way of authenticating users against sensitive data – after all, if they knew the password then surely they must be who they say they are. The problem is that computers need to verify those passwords when they receive them. It would be no good for a website to let someone view a profile simply because they claimed to know the password, without ever checking it. Humans remembering passwords is reasonably secure (ignoring forced disclosure or carelessness) because, by and large, it is not possible to read somebody's mind.
Unfortunately, when it comes to computing we only have methods of storing data which are easily accessible – we have to write these passwords down in order to check them, and databases are the logical choice for this (text files are the illogical choice – don’t do that!).
We know that we have to write the passwords down, but is there anything we can do to make storing them safer? Yes, there is: we can hash them. A hashing function takes a password and produces a string which will always be the same for a given password. This is useful because it means the value we store in the database doesn’t need to be the plaintext password. Passwords should be hashed before ever being written down – a breach of the database would then render the passwords unusable. Or will it?
If you use a common hashing function (like md5 or sha-1, for instance) and some of the users whose passwords you are storing have chosen common passwords (such as “password” or “god”), then the hashes of those passwords will be easy to spot in a long list of hashes, and hackers can work back from them to gain access to those accounts.
If we salt the password before hashing then this helps (and indeed this is the minimum you should do before writing the passwords down ANYWHERE – i.e. do it as the first thing in your code). Salting is the process of decorating the password before hashing – say, sticking the username on the end before applying the hash. This renders the hashed password unique to each user, which means that even if they have used a common password the stored version will look totally different to a hacker, who will then be unable to guess the user’s password from the hash.
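The two situations described above, side by side, as an added example that is not part of the original post: an unsalted md5 store in which every user who chose “password” ends up with the same hash, and a salt-then-hash store in which the same passwords produce different stored values. This example uses a random per-user salt and PBKDF2-HMAC-SHA256 from Python’s standard library rather than the username-as-salt scheme the post sketches; that choice, the user records, and the iteration count are assumptions of the example.

```python
import hashlib
import hmac
import os
from collections import Counter
from typing import Iterable, Optional

# Constructed sample records: two users happen to share a very common password.
USERS = {"alice": "password", "bob": "password", "carol": "hunter2"}


def unsalted_md5(password: str) -> str:
    """The weak scheme: identical passwords always give identical hashes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = 600_000) -> str:
    """Salt then hash. A fresh random 16-byte salt is generated per call (an
    assumption of this example, not the post's username salt) and stored
    alongside the digest so it can be re-derived at login time."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the digest using the salt and iteration count stored with the
    record, then compare in constant time to avoid leaking timing information."""
    try:
        algo, iters, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


def duplicate_hash_count(stored_values: Iterable[str]) -> int:
    """How many distinct stored values occur more than once. In an unsalted
    table this is exactly the 'easy to spot' problem the post describes."""
    return sum(1 for n in Counter(stored_values).values() if n > 1)


def build_unsalted_table() -> dict:
    return {user: unsalted_md5(pw) for user, pw in USERS.items()}


def build_salted_table(iterations: int = 600_000) -> dict:
    return {user: hash_password(pw, iterations=iterations) for user, pw in USERS.items()}


if __name__ == "__main__":
    unsalted = build_unsalted_table()
    salted = build_salted_table()
    print("unsalted duplicates:", duplicate_hash_count(unsalted.values()))  # 1 (alice and bob collide)
    print("salted duplicates:  ", duplicate_hash_count(salted.values()))    # 0
    print("bob logs in:", verify_password("password", salted["bob"]))       # True
    print("bob typo:   ", verify_password("passw0rd", salted["bob"]))       # False
```

The stored string carries the algorithm name, iteration count and salt with the digest, so a table can be migrated to a higher iteration count later without invalidating existing records: verification reads the parameters from each row rather than from a global constant.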
In summary – before writing a password down we must always salt then hash, or hash, salt and hash again, but salt then hash is the minimum. Security must be considered a high priority: if you don’t protect your users’ data you are putting a huge amount of risk onto them. Even if knowing the password for your site wouldn’t put them at risk, all it takes is that same password being reused elsewhere to render a user highly vulnerable. (See the glossary for more information on the terms used)