Topic: Public Safety Announcement: On the subject of password security - page 3. (Read 5912 times)

Sure, here you go:


User's login is also the random salt in this case. As an added security, we add secret salt (from some config file on the web server). $rounds is just a multiplier for how much processing should be done. At 25, generating one hash can take (depending on password and login length) from 0.1s to 1s. Which essentially makes bruteforcing impossible.

This, of course, could be done in a ton of different ways. One could also use bcrypt. I've decided to use my own routine, because it's not widespread and programming hash-breaker to target this specific routine would take some time - time that is needed to react if something bad happens.

Every time the difficulty of bitcoin increases it means there's more hashing power out there that could be redirected.
Truly paranoid types may want to use that as a sign that it's time to hash all existing passwords again (hash the hash and keep a count of how many hash operations).

You're doing it wrong - making people change their passwords every 30 days results in them running out of quality passwords OR them writing their password down.

Multiple hashes? If you want to be paranoid that's also the wrong way to go about things, you should use a system like bcrypt and make sure it's slow enough that GPU bruteforce is a no-go.

Partition the database too, don't have one big MySQL database with full perms which every part of the site has access to - one exploit on any part and it's game over. Limit it tightly, VERY tightly.

Even the human factor can be mitigated - don't give access to EVERYTHING to EVERY employee, restrict things tightly.

Use whitelists, not blacklists.

It's not that nobody thought of that, it's that there are problems that cannot be solved. That's why the whole concept of MtGox was flawed.

The whole point of bitcoin is that you don't need websites doing such jobs like money transfer any more. But what did they come up with?  A typical site with the same crap we know from banking sites, paypal etc.

Consider using bcrypt for hashing passwords. bcrypt is designed to be difficult to compute, with tunable difficulty.

Edit: Come to think of it, you could always use the tunable difficulty method of bitcoin. Use a nonce rather than a salt, and require that the hash be below a certain number.

Can you PLEASE cut this bull about attempting to blame users?!
Use a 30 char long pass, alpha upper+lower+numeric+symbols... in the day you format your computer and if you forget to backup the text file with it, please, kiss your account goodbye. And don't even try to access wherever you use it from outside home, as obviously you've no clue whatsoever that password is.

Nerds! People have a life! Good security is passive, is simply there, BAD security is anything that has to nag you to be secure.

Besides, MtGox was "hacked" by the only side nerdness can't do nothing about: the HUMAN factor. Wouldn't make a difference other than slow the attacker a bit to use SHA-512 or any other hashing/crypting flavor. As obvious M'Tux had no clue his db was compromised, so the attacker actually had all the time in the World to do whatever he needed to do.

1Password is my favorite ( http://agilebits.com/products/1Password ).
KeePass (or KeePassX) is a good free alternative (though not as powerful) ( http://keepass.info/ & http://www.keepassx.org/ ).
LastPass in a pinch, but I don't like storing them online and trusting the service provider (didn't work out well for DropBox).

Can you recommend a password vault?

And when you create this password, what do you do with it?  You have it memorized immediately?

I use a password vault, the issue there is that I occasionally still have to type the password in by hand.  For most people having a 50 character strong password is going to be brutal, so they'll just write it down. 

If you cannot use the security measure you've adopted, you will bypass them.  That makes it useless for everyone.  I also apply different security strengths based on the site / server I'm accessing.  My Gmail password is HUGE, my banking password is HUGE, my PayPal password is HUGE, but other sites don't necessitate the same level of security.  Harden the high-value targets, always use different passwords, and adjust to what makes your security life usable.

That's just my 0.0001 BTC worth.

I once read an article regarding computer & information security, and I have paraphrased its main point by the following statement, and you can quote me on this:


The article I read was referring to information security in general, but in this context, we are discussing password security.  Practically, this means predicting future innovations in the realm of password cracking/hashing, and being prepared for hash attacks by supercomputers (which is quite possible today actually, as you'll see below).  This is why I would recommend using 30-50 character passwords if possible, using lowercase and uppercase letters (no dictionary words obviously), numbers, symbols, and if possible, even using other characters that are not included on the physical keyboard (i.e., including those Unicode chars that use Alt+4 digit combinations, etc.).  For plenty of examples of these characters, you can press the Windows Key + R (if you're on Windows, of course) and type "charmap.exe" to see some of the characters I'm referring to, such as Greek letters, etc.  However, many sites can't process these kinds of characters, so sometimes it's actually better to use regular characters.

On side note, I once created a nice complex password at a certain large financial brokerage firm located in Manhattan, NYC which contained an underscore character, but the system couldn't process it, so it caused an enormous problem and I ended up being on the phone with their tier 1 technical support team who was working with the IT security engineers who had developed the database, and over the course of being on the phone with them for multiple days, we eventually discovered that a simple underscored in my password had caused major difficulties for their database, in regard to my account.  In other words, just remember to be careful when using secure passwords, since many places can't handle the length or complexity, at least not yet (hopefully they'll wake up and change their databases).

Oh and by the way, for anyone doubting that it's actually quite easy to crack passwords these days, it's important to understand that even 10 character passwords can be hacked extremely rapidly using GPUs (very similar to how us Bitcoin miners are using our cards).  For example, I know of an individual who used an array of 4 Radeon HD 5970s (each one a dual GPU, actually making it 8 GPUs) to crack hashed passwords at over 32 billion passwords a second (for MD5 hashes).  Just stop and think about that before you make another password under 10 characters long without using non-dictionary uppercase & lowercase letters, numbers, symbols, etc.

Have you seen how many people used their username as their password. Or 123456? I'm prepared to believe there is no limit to people's stupidity.

One thing that also got me wondering (perhaps a new topic, but as a newb I can't create a new post) was how secure the sites are which use OpenID? When you take in the password, you can insist on it's complexity, or not in the case of Mtgox. But if you are getting login credential from an OpenID provider surely you are allowing certain accounts to be wide open? Perhaps that's just tough luck for the person who's account that is.

Who on Earth would use their online web password for a local vault encryption?  Are you kidding me?

If you used the same password for mtgox and encrypted wallet backups, you have to create a new wallet.

Huh?  What does this discussion have to do with Wallets?

Everybody who had a crackable password in the first place is screwed when his wallet is found anyway.

The only way now is to generate a new wallet in a secure space and send the coins there.

Do the community a favor.  Provide the "few lines of code" here for everyone to be able to use.

I congratulate you on this!

I'mma release a small hashing class for secure passwords?

We, at BitMarket.eu, had this from the very beginning. It's just a few lines of code people. And the benefit in security is huge.

Ironically I described exactly this case this morning in my guide about passwords:


http://forum.bitcoin.org/index.php?topic=19360.0

A hashing calculation: at one billion hash comparisons a second, a 15 character alphanumeric password will take roughly 7000000 years to compare all combinations.

No, running the result through the hash function again is a very common way to make it safer.
What you basically do is, if they can figure it out, is force them to do multiple hashes for every comparison. This is a direct counter to brute-force attacks.
If they have to spend one second for EVERY combination comparison, then it will be basically impossible for them to brute-force anything.
There are even specific algorithm which are designed just for this.

If you take the above calculation, if they can only do one comparison per second instead of a billion, then it will take 7000000000000000 years instead to test all combinations for one password.