MD5
Moderator: General Moderators
MD5
Hi guys,
I am creating a system in which a user Logs In. I use md5 for encrypting their password before sending it to the server. Is it enough or another security measure should be made in when they Log In?
I am asking this because a freind of mine told me that MD5 secures an application thirty percents.
I do know that there is not one hindred percents secuity but I just want to know if there is a better technique.
I am creating a system in which a user Logs In. I use md5 for encrypting their password before sending it to the server. Is it enough or another security measure should be made in when they Log In?
I am asking this because a freind of mine told me that MD5 secures an application thirty percents.
I do know that there is not one hindred percents secuity but I just want to know if there is a better technique.
Let's reverse it a bit, can you answer the following questions? (Once you can, you will get a better understanding of your problem.. And probably be able to answer your original question)
- What is MD5?
- How does MD5 help secure your application?
- What does MD5 not do?
- What are the security risks with regards to 'logging in'?
- What is MD5?
- How does MD5 help secure your application?
- What does MD5 not do?
- What are the security risks with regards to 'logging in'?
- stereofrog
- Forum Contributor
- Posts: 386
- Joined: Mon Dec 04, 2006 6:10 am
You can (relatively) easy revert md5 using a combination of known collision algorithms, dictionary attacks and reverse lookup databases. To some extent, this is true for other hash functions as well, that's why they should always be used with secret "salt" key. Ie. md5($password) is weak, md5($salt . $password) is much better.Mordred wrote: - To what extent is MD5 reversible.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
- stereofrog
- Forum Contributor
- Posts: 386
- Joined: Mon Dec 04, 2006 6:10 am
Re: Reply
From your post I understood that you're using hashing of the client (presumable with javascript) before sending the data to the server. If this is true, you would be better off using SSL connection. Ask your hosting provider, they should help you further.user___ wrote:Thank you stereofrog and you onion2k. I was sure someone could help. I would like to know what you would recommend me to use, stereofrog, if you can and have some time to help me.
As to server-side hashing, I use the approach I described above: hash function + secret key (salt). This makes it virtually impossible to reverse hashed passwords even if your database gets stolen. This is how salt is used:
Code: Select all
define('SECRET_SALT', 'secret');
function password_hash($password) {
return md5(SECRET_SALT . $password);
}
// insert new password in db:
$h = password_hash($_POST['password']);
mysql_query("INSERT INTO users(...., pass) VALUES(...., '$h')");
// check if password is valid
$h = password_hash($_POST['password']);
mysql_query("SELECT * FROM users WHERE pass='$h' ");@onion2k: Using a reversible encryption is not a very good choice security-wise, and sending forgotten passwords in plain text by email is doubly so.
@stereofrog: Your setup is good, but it can be better. If someone steals your entire database, and you have enough users, he can get a list of users with popular passwords and carry an online attack at them. My research shows that about 6% of the user accounts can be recovered that way. You must add user-specific salt to each password. Details: viewtopic.php?t=62782
@stereofrog: Your setup is good, but it can be better. If someone steals your entire database, and you have enough users, he can get a list of users with popular passwords and carry an online attack at them. My research shows that about 6% of the user accounts can be recovered that way. You must add user-specific salt to each password. Details: viewtopic.php?t=62782
Reply
Thank you guys. You do help me. I would like to ask you whether it is a bad practice to use MD5 because my host provider does not want to tto enable SSL and then use the techniques you have described(particularly @stereofrog's one although I totally agree with Mordred) and as Mordred says that sening E-mails in plain text is insecure,for which I agree too, which is a preferable way of doing so?
AES is a US government standard for encrypting non-classified data. It's never been compromised using any direct attack (there's side channel attacks that work, but they're tricky and need 'live' access to the encryption process). It's more than secure enough for website passwords.Mordred wrote:@onion2k: Using a reversible encryption is not a very good choice security-wise, and sending forgotten passwords in plain text by email is doubly so.
As for sending plain text passwords by email, so what? You have to email the user something that lets them access their account, be it a link, password, or temporary passkey. If the email is intercepted then their account will be compromised irrespective of the encryption or hashing that's carried out at the database level.
- stereofrog
- Forum Contributor
- Posts: 386
- Joined: Mon Dec 04, 2006 6:10 am
Very interesting reading, thanks.Mordred wrote:Details: viewtopic.php?t=62782
The point is, most users tend to use same passwords on different services. If you send me my actual password and someone intercepts the message, this compromises my accounts on other sites, not only yours. With generated or one-time password I only lose my identity on your server in the worst case.onion2k wrote: As for sending plain text passwords by email, so what?
If the user uses a standard password across all their accounts then the chance of them having forgotten it is pretty small. Besides, I'd say that's more reason to send it to them: they might learn why that's such an incredibly bad idea.stereofrog wrote:The point is, most users tend to use same passwords on different services. If you send me my actual password and someone intercepts the message, this compromises my accounts on other sites, not only yours. With generated or one-time password I only lose my identity on your server in the worst case.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
It is just an opinion, but the only time I send a user an email with their password in it is when they a) first sign up for an account or b) request a password change from having forgotten their password. In both cases, the password comes with an activation code that requires their input when logging in with the temporary password, and they are required to change their password before being allowed to do anything else. Is it insecure? Yes, to a degree. But it is a necessary evil when dealing with users that may forget a password.
Keep in mind, this is a somewhat regular practice, one that is used by banks, credit companies and other high security information stores.
Keep in mind, this is a somewhat regular practice, one that is used by banks, credit companies and other high security information stores.