If you still want to use md5 to store passwords on your website, good thing would be to use a 'salt' to make the hash more difficult to crack via bruteforce and rainbow tables. A salt is simply a caracters string that you add to an user password to make it less breakable. For instance, say we are using the password 'password' (good idea). HashKiller.co.uk is a hash lookup service. This allows you to input a hash and search for its corresponding plaintext ('found') in our database of already-cracked hashes. In other words, we are not cracking your hash in realtime - we're just caching the hard work of many cracking enthusiasts over the years. CrackStation uses massive pre-computed lookup tables to crack password hashes. These tables store a mapping between the hash of a password, and the correct password for that hash. The hash values are indexed so that it is possible to quickly search the database for a given hash. Another variant is the application of DOUBLE MD5, which consists in applying the hash algorithm twice. Example: MD5(dCode) = e9837d47b610ee29391a44 but MD5(MD5(dCode)) = c1127c7b6fdcafd97a96b37eaf035eaf. MD5 is not the only hash function, it also exists SHA1, SHA256, SHA512 etc.
Active2 months ago
This code is supposed to hash a password with a salt. The salt and hashed password are being saved in the database. The password itself is not.
Given the sensitive nature of the operation, I wanted to make sure everything was kosher.
Mark Amery
73.4k3737 gold badges282282 silver badges332332 bronze badges
Chris DutrowChris Dutrow
21.7k5151 gold badges160160 silver badges234234 bronze badges
8 Answers
EDIT: This answer is wrong. A single iteration of SHA512 is fast, which makes it inappropriate for use as a password hashing function. Use one of the other answers here instead.
Looks fine by me. However, I'm pretty sure you don't actually need base64. You could just do this:
If it doesn't create difficulties, you can get slightly more efficient storage in your database by storing the salt and hashed password as raw bytes rather than hex strings. To do so, replace Mark Amery
hex with bytes and hexdigest with digest .
73.4k3737 gold badges282282 silver badges332332 bronze badges
TaymonTaymon
17.5k66 gold badges4848 silver badges7777 bronze badges
Based on the other answers to this question, I've implemented a new approach using bcrypt.
Why use bcrypt
If I understand correctly, the argument to use
bcrypt over SHA512 is that bcrypt is designed to be slow. bcrypt also has an option to adjust how slow you want it to be when generating the hashed password for the first time:
Slow is desirable because if a malicious party gets their hands on the table containing hashed passwords, then it is much more difficult to brute force them.
ImplementationNotes
I was able to install the library pretty easily in a linux system using:
However, I had more trouble installing it on my windows systems. It appears to need a patch. See this Stack Overflow question: py-bcrypt installing on win 7 64bit python
Mark Amery
73.4k3737 gold badges282282 silver badges332332 bronze badges
Chris DutrowChris Dutrow
21.7k5151 gold badges160160 silver badges234234 bronze badges
The smart thing is not to write the crypto yourself but to use something like passlib: https://bitbucket.org/ecollins/passlib/wiki/Home
It is easy to mess up writing your crypto code in a secure way. The nasty thing is that with non crypto code you often immediately notice it when it is not working since your program crashes. While with crypto code you often only find out after it is to late and your data has been compromised. Therefor I think it is better to use a package written by someone else who is knowledgable about the subject and which is based on battle tested protocols.
Also passlib has some nice features which make it easy to use and also easy to upgrade to a newer password hashing protocol if an old protocol turns out to be broken.
Also just a single round of sha512 is more vulnerable to dictionary attacks. sha512 is designed to be fast and this is actually a bad thing when trying to store passwords securely. Other people have thought long and hard about all this sort issues so you better take advantage of this.
Ben Hoyt
6,71544 gold badges4545 silver badges7878 bronze badges
M.D.M.D.
For this to work in Python 3 you'll need to UTF-8 encode for example:
Otherwise you'll get:
Traceback (most recent call last): Brad Koch
File ', line 1, in hashed_password = hashlib.sha512(password + salt).hexdigest() TypeError: Unicode-objects must be encoded before hashing
11.9k1414 gold badges8484 silver badges113113 bronze badges
WayneWayne
passlib seems to be useful if you need to use hashes stored by an existing system. If you have control of the format, use a modern hash like bcrypt or scrypt. At this time, bcrypt seems to be much easier to use from python.
passlib supports bcrypt, and it recommends installing py-bcrypt as a backend: http://pythonhosted.org/passlib/lib/passlib.hash.bcrypt.html
You could also use py-bcrypt directly if you don't want to install passlib. The readme has examples of basic use.
see also: How to use scrypt to generate hash for password and salt in Python
Community♦
Terrel ShumwayTerrel Shumway
I don' want to resurrect an old thread, but.. anyone who wants to use a modern up to date secure solution, use argon2.
It won the the password hashing competition. ( https://password-hashing.net/ ) It is easier to use than bcrypt, and it is more secure than bcrypt.
nagylzsnagylzs
Salt Hash Cracker Casserole
1,75833 gold badges2323 silver badges3737 bronze badges
As of Python 3.4, the
hashlib module in the standard library contains key derivation functions which are 'designed for secure password hashing'.
So use one of those, like
hashlib.pbkdf2_hmac , with a salt generated using os.urandom :
Note that:
For theory on what makes a good password hash and a list of other functions appropriate for hashing passwords with, see https://security.stackexchange.com/q/211/29805.
Mark AmeryMark Amery
Md5 Salt Hash Cracker
73.4k3737 gold badges282282 silver badges332332 bronze badges
Firstly import:-
Then change your code according to this in your method:
Then pass this salt and uname in your database sql query, below login is a table name:
Pranav Totla
79211 gold badge77 silver badges2323 bronze badges
Sheetal JhaSheetal Jha
Not the answer you're looking for? Browse other questions tagged pythonauthenticationhashpasswordssalt or ask your own question.
(Redirected from Salted hash)
In cryptography, a salt is random data that is used as an additional input to a one-way function that 'hashes' data, a password or passphrase. Salts are used to safeguard passwords in storage. Historically a password was stored in plaintext on a system, but over time additional safeguards developed to protect a user's password against being read from the system. A salt is one of those methods.
A new salt is randomly generated for each password. In a typical setting, the salt and the password (or its version after Key stretching) are concatenated and processed with a cryptographic hash function, and the resulting output (but not the original password) is stored with the salt in a database. Hashing allows for later authentication without keeping and therefore risking the plaintext password in the event that the authentication data store is compromised.
Salts defend against a pre-computed hash attack.[1] Since salts do not have to be memorized by humans they can make the size of the hash table required for a successful attack prohibitively large without placing a burden on the users. Since salts are different in each case, they also protect commonly used passwords, or those users who use the same password on several sites, by making all salted hash instances for the same password different from each other.
Cryptographic salts are broadly used in many modern computer systems, from Unix system credentials to Internet security.
Salts are closely related to the concept of a cryptographic nonce.
Example usage[edit]
Here is an incomplete example of a salt value for storing passwords. This first table has two username and password combinations. The password is not stored.
The salt value is generated at random and can be any length, in this case the salt value is 8 bytes long. The salt value is appended to the plaintext password and then the result is hashed, this is referred to as the hashed value. Both the salt value and hashed value are stored.
As the table above illustrates, different salt values will create completely different hashed values, even when the plaintext passwords are exactly the same. Additionally, dictionary attacks are mitigated to a degree as an attacker cannot practically precompute the hashes. However, a salt cannot protect common or easily guessed passwords.
Common mistakes[edit]
Salt reuse
A fixed salt is when a programmer uses the same salt for every hashed password.
While this will make current rainbow tables useless (if the salt is properly chosen), if the salt is hard-coded into a popular product that salt can be extracted and a new rainbow table can be generated using that salt.
Using a single fixed salt also means that every user who inputs the same password will have the same hash (unless the password hash is also dependent on the username). This makes it easier to attack multiple users by cracking only one hash.
Short salt
If a salt is too short, it will be easy for an attacker to create a rainbow table consisting of every possible salt appended to every likely password. Using a long salt ensures that a rainbow table for a database would be prohibitively large.[2]
This Dictionary Tamil to English translation app can be used as a mobile Dictionary app or pocket free dictionary offline app.You can use this current English to Tamil Translate Dictionary without internet. Tamil english dictionary free download. This Tamil Dictionary offline apps have multiple Tamil meanings for all English words offline.This English 2 Tamil Dictionary 2019 app is called as English To Tamil Dictionary Offline and Translator as it effortlessly find words with meanings. Tamil dictionary free is a Tamil-English and English-Tamil Dictionary app (தமிழ் ஆங்கிலம் அகராதி). This best tamil dictionary english tamil app provides you with the opportunity to search and find the translation of any word.Tamil to eng dictionary free app is now available with English to Tamil and Tamil to English Translation i.e Tamil to english conversion dictionary.This dictionary Tamil and english/Tamil Dictionary ultimate is available with English to English Meaning, English to Tamil Meaning, synonyms.English to Tamil Translator and Tamil to English Translator app is completely free dictionary useful for all English learners. This offline english 2 tamil dictionary pro designed to help Tamil speakers to improve their communication skill.
Benefits[edit]
To understand the difference between cracking a single password and a set of them, consider a single password file that contains hundreds of usernames and hashed passwords. Without a salt, an attacker could compute hash(attempt[0]), and then check whether that hash appears anywhere in the file. The likelihood of a match, i.e. cracking one of the passwords with that attempt, increases with the number of passwords in the file. If salts are present, then the attacker would have to compute hash(salt[a], attempt[0]), compare against entry A, then hash(salt[b], attempt[0]), compare against entry B, and so on. This defeats 'reusing' hashes in attempts to crack multiple passwords.
Salts also combat the use of hash tables and rainbow tables for cracking passwords.[3] A hash table is a large list of pre-computed hashes for commonly used passwords. For a password file without salts, an attacker can go through each entry and look up the hashed password in the hash table or rainbow table. If the look-up is considerably faster than the hash function (which it often is), this will considerably speed up cracking the file. However, if the password file is salted, then the hash table or rainbow table would have to contain 'salt . password' pre-hashed. If the salt is long enough and sufficiently random, this is very unlikely. Unsalted passwords chosen by humans tend to be vulnerable to dictionary attacks since they have to be both short and meaningful enough to be memorized. Even a small dictionary (or its hashed equivalent, a hash table) is significant help cracking the most commonly used passwords. Since salts do not have to be memorized by humans they can make the size of the rainbow table required for a successful attack prohibitively large without placing a burden on the users.
More technically, salts protect against hash tables and rainbow tables as they, in effect, extend the length and potentially the complexity of the password. If the rainbow tables do not have passwords matching the length (e.g. an 8-byte password, and 2-byte salt, is effectively a 10-byte password) and complexity (non-alphanumeric salt increases the complexity of strictly alphanumeric passwords) of the salted password, then the password will not be found. If found, one will have to remove the salt from the password before it can be used.
The modern shadow password system, in which password hashes and other security data are stored in a non-public file, somewhat mitigates these concerns. However, they remain relevant in multi-server installations which use centralized password management systems to push passwords or password hashes to multiple systems. In such installations, the root account on each individual system may be treated as less trusted than the administrators of the centralized password system, so it remains worthwhile to ensure that the security of the password hashing algorithm, including the generation of unique salt values, is adequate.[citation needed]
Salts also make dictionary attacks and brute-force attacks for cracking large numbers of passwords much slower (but not in the case of cracking just one password). Without salts, an attacker who is cracking many passwords at the same time only needs to hash each password guess once, and compare it to all the hashes. However, with salts, each password will likely have a different salt; so each guess would have to be hashed separately and compared for each salt, which is considerably slower than comparing the same single hash to every password.
Another (lesser) benefit of a salt is as follows: two users might choose the same string as their password, or the same user might choose to use the same password on two machines. Without a salt, this password would be stored as the same hash string in the password file. This would disclose the fact that the two accounts have the same password, allowing anyone who knows one of the account's passwords to access the other account. By salting the passwords with two random characters, even if two accounts use the same password, no one can discover this just by reading hashes.
Unix implementations[edit]1970s–1980s[edit]
Earlier versions of Unix used a password file
/etc/passwd to store the hashes of salted passwords (passwords prefixed with two-character random salts). In these older versions of Unix, the salt was also stored in the passwd file (as cleartext) together with the hash of the salted password. The password file was publicly readable for all users of the system. This was necessary so that user-privileged software tools could find user names and other information. The security of passwords is therefore protected only by the one-way functions (enciphering or hashing) used for the purpose. Early Unix implementations limited passwords to eight characters and used a 12-bit salt, which allowed for 4,096 possible salt values.[4] This was an appropriate balance for 1970s computational and storage costs.[5]
1980s–[edit]
The shadow password system is used to limit access to hashes and salt. The salt is eight characters, the hash is 86 characters, and the password length is unlimited.
Web-application implementations[edit]
It is common for a web application to store in a database the hash value of a user's password. Without a salt, a successful SQL injection attack may yield easily crackable passwords. Because many users re-use passwords for multiple sites, the use of a salt is an important component of overall web application security.[6] Some additional references for using a salt to secure password hashes in specific languages (PHP, .NET, etc.) can be found in the external links section below.
See also[edit]References[edit]
External links[edit]
Retrieved from 'https://en.wikipedia.org/w/index.php?title=Salt_(cryptography)&oldid=918013260'
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |