2014-10-17 10:50:26
Goal: recover or reset a user's password
Anti-pattern: store passwords in clear text
1. Store password
It is not safe to store passwords in plaintext or to send passwords over the network in plaintext.
If an attacker intercepts the SQL statement you use to insert (or modify) a password, the attacker obtains the password.
Attackers get at passwords in a number of ways:
(1) Capturing packets on the network between the application client and the database server, for example with a packet sniffer such as Wireshark.
(2) Searching the SQL query log on the database server.
(3) Reading the data from a database backup file on the server or on backup media.
2. Authenticating a password: the same risks apply.
3. Sending the password by email: email is transmitted through the network, and the data may be captured by an attacker at any intermediate routing node.
How to recognize the anti-pattern: the following conditions may indicate that it is present:
1. Your application can recover (restore) a user's password;
2. Your application sends the password to the user by email in plaintext or in a reversibly encrypted form.
Legitimate uses of the anti-pattern:
1. Your application may need a password to access a third-party service, which means your application acts as a client.
You must store this password in a form the application can read back. The best practice is to store it encrypted with a reversible method that the application can decrypt,
instead of storing it directly in the database as clear text.
2. Not all applications are at risk of attack, and not all applications hold sensitive information that needs protecting.
For an application that communicates only on an internal network, a simple authentication mechanism may be enough.
Solution :
1. Hash first, then store
(1) A hash function converts an input string into another, unrecognizable string.
Hashing is one-way: the original input cannot be recovered from the hash value.
(2) Using hashes in SQL
Hash functions are not part of standard SQL, so you have to rely on the hash extensions provided by the database you are using.
INSERT INTO Accounts (AccountId, AccountName, Password)
VALUES (123, 'billkarwin', SHA2('xyzzy', 256)); -- SHA2() is a MySQL extension function (MySQL 6.0.5); the second argument selects the 256-bit digest
(3) Add salt to the hash
Replacing the plaintext password with a hash value is not enough on its own: an attacker can still recover the password from the hash by using a prepared
table of likely passwords together with their hash values, and looking up the hash to find the plaintext.
One way to defeat this "dictionary attack" is to add a salt to the hashing expression: before the user's password is passed into the hash function,
it is concatenated with a meaningless string.
SHA2('password') = '5exxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxd8';
SHA2('password-0xT!sp9') = '72xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5b';
A sensible length for the salt is 8 bytes.
(4) Keep passwords out of SQL
As long as you never place a plaintext password inside an SQL query, the query log and captured packets cannot leak it.
Practice: compute the hash of the password in the application code, and then use only the hash string in the SQL query.
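The following is an added example (not code from the original note or from the SQL Antipatterns book) that puts steps (1) to (4) together: the password is salted and hashed in application code, and only the salt and the hash reach the SQL statement through bound parameters. It uses Python's standard sqlite3 and hashlib modules instead of MySQL's SHA2(), and the table and column names (Accounts, account_id, account_name, password_salt, password_hash) are assumptions for the example. It goes one step beyond the note by generating a different random salt per account, which is what makes a precomputed hash table useless.

```python
import hashlib
import hmac
import os
import sqlite3

SALT_BYTES = 8  # the note recommends an 8-byte salt


def hash_password(password: str, salt: bytes) -> str:
    """Concatenate salt and password, then hash (one-way)."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def create_schema(conn: sqlite3.Connection) -> None:
    # Assumed schema for the example; the salt is stored next to the hash so
    # the same computation can be repeated at login time.
    conn.execute(
        """CREATE TABLE Accounts (
               account_id    INTEGER PRIMARY KEY,
               account_name  TEXT UNIQUE NOT NULL,
               password_salt BLOB NOT NULL,
               password_hash TEXT NOT NULL)"""
    )


def store_account(conn: sqlite3.Connection, account_id: int,
                  account_name: str, password: str) -> str:
    """Register an account. The plaintext password never appears in SQL text."""
    salt = os.urandom(SALT_BYTES)          # fresh random salt per account
    digest = hash_password(password, salt)
    # Bound parameters: the query log and a captured packet show only the
    # salt and the hash, never the password itself.
    conn.execute(
        "INSERT INTO Accounts (account_id, account_name, password_salt, password_hash)"
        " VALUES (?, ?, ?, ?)",
        (account_id, account_name, salt, digest),
    )
    conn.commit()
    return digest


def authenticate(conn: sqlite3.Connection, account_name: str, password: str) -> bool:
    """Re-hash the submitted password with the stored salt and compare."""
    row = conn.execute(
        "SELECT password_salt, password_hash FROM Accounts WHERE account_name = ?",
        (account_name,),
    ).fetchone()
    if row is None:
        return False
    salt, stored_hash = row
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(hash_password(password, bytes(salt)), stored_hash)


def demo() -> tuple:
    """Constructed sample run: register one account, then try two logins."""
    conn = sqlite3.connect(":memory:")
    create_schema(conn)
    store_account(conn, 123, "billkarwin", "xyzzy")   # sample values from the note
    return (
        authenticate(conn, "billkarwin", "xyzzy"),   # correct password -> True
        authenticate(conn, "billkarwin", "plugh"),   # wrong password   -> False
        authenticate(conn, "nobody", "xyzzy"),       # unknown account  -> False
    )


if __name__ == "__main__":
    print(demo())
```

Two design points worth noticing: the same password produces a different hash under a different salt, so an attacker with a table of precomputed hashes gains nothing from a stolen table; and for a production system a deliberately slow password hash (bcrypt, scrypt or Argon2) is preferable to a single SHA-256 round, because it makes guessing even salted hashes expensive.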
(5) There is one more place on the network where an attacker can capture a packet: between the user's browser and the web server.
When a user submits a login form, the browser sends the password in clear text to the server, and only then can the server
hash it.
Workaround: hash the password in the browser before the form data is sent.
This approach has a drawback: to compute the correct hash, the browser first needs some other way to obtain the salt associated with the account.
The better solution is to submit the login form from the browser to the server over a secure HTTPS connection.
2. Reset the password instead of recovering it
SQL Antipatterns learning note 20: plaintext passwords