top | item 23507034

(no title)

aapeli | 5 years ago

Correctly hashed (with salt and a memory+time hard hash) passwords are taken to be brute-force hard to crack.

In that sense it's as safe to publish such hashed passwords on the internet, in the same way a website's public key is published on the internet. In fact, it's good practice to set hash parameters such that it's slower to brute-force passwords than asymmetric keys (e.g. TLS certs).

However, the big difference is that TLS private keys are randomly generated, and of a fixed length, whereas passwords are user chosen. So an attacker could do a dictionary attack and probably uncover a number of passwords using that (e.g. just try out "password" on all the hashed passwords). Hashed passwords are only as hard to crack as the passwords themselves.

discuss

jopsen|5 years ago

Publishing a salted hash (with if it's memory+time hard hash) is the same as allowing unlimited login attempts.

Limiting login attempts by ip, username, and time is the best way to mitigate attacks.

Even a weak password is hard to crack with 5 attempts per day :)

hanche|5 years ago

Given a salted hash, you can test passwords many orders of magnitude faster than you can do online. As some attackers can control a botnet, limiting attempts by ip has limited value. If you limit by username and time, you open the door to a denial-of-service attack: I could lock you out of your account by simply trying to log in as you repeatedly.

There are few easy answers in security.