Password validation security issue
Christian Heimes
christian at python.org
Sat Mar 1 13:31:10 EST 2014
On 01.03.2014 19:11, Chris Angelico wrote:
> On Sun, Mar 2, 2014 at 4:49 AM, Renato <rvernucio at gmail.com> wrote:
>> Hello everybody, I implemented a password validation with a Python 2.7.5 script in OpenSUSE 13.1. The user calls it passing 'login' and 'password' as arguments. I made a dictionary in the format hashtable = {'login':'password'} and I use this hash table to compare the 'login' and 'password' that were passed in order to validate them. The problem is that any user who can execute the script will be able to read it too (since it must be read by python's interpreter), and this is causing some security issues since any user can access all other users' passwords if he opens this script and reads the code.
>>
>> My question is: is there a way of preventing the user from reading the script's content? Is there any strategy I could use to hide the passwords from the users?
>>
>
> Yeah, that's a pretty major issue, right there :)
>
> The most common way to deal with this is to salt and hash your
> passwords. While that might sound like a great thing to do to
> potatoes, it's also the best way to stop your passwords from being
> sniffed.
>
> Best practice is to combine the password with the user name and with
> some fixed text (the "salt"), and then run it through a
> cryptographically secure hashing algorithm. In Python 2.7, you have
> the hashlib module:
>
>>>> import hashlib
>>>> login = 'rosuav'
>>>> password = 'xkcd936passwordgoeshere'
>>>> encrypted = hashlib.sha256(login+'NaCl protects your passwords'+password).hexdigest()
>>>> encrypted
> 'b329f2674af4d8d873e264d23713ace4505c211410eb46779c27e02d5a50466c'
Please don't do that. It's insecure and not the proper way to handle
passwords. In fact it's insecure on so many levels that I don't know
where to start...
A hash function and a fixed salt are always the wrong way to handle
passwords. You must use a non-deterministic key stretching and key
derivation function with a salt from a CPRNG. For example PBKDF2
(usually used with HMAC as PRF), bcrypt or scrypt are well studied and
tune-able KDFs. You must also use a constant timing comparison function.
You don't have to do all the hard stuff on your own. I highly recommend
`passlib` to handle your passwords. It has a good API and is secure.
Christian
More information about the Python-list
mailing list