Does it make security sense to hash password on client end

后端 未结 10 1474
清酒与你
清酒与你 2020-12-23 12:21

If you were to hash a user\'s password prior to sending it across the line and leaving it in plain-text in memory, would this improve the security of the application?

<
相关标签:
10条回答
  • 2020-12-23 12:29

    The hash is identical to the password from a security POV in the scenario you describe: if I intercept the hash, I don't need to know the password, I can just send the server the hash I intercepted.

    Authentication protocols go to some length to avoid this problem; security is hard, and you are best off selecting and implementing a well-understood protocol rather than rolling your own.

    If your traffic is going over SSL, you're safe from interception and hashing gives you little extra benefit.

    0 讨论(0)
  • 2020-12-23 12:30

    Hashing on the client side opens up another huge hole: you may expose the hashing algorithm. You don't say whether this is web-based (client=JavaScript) or thick-client, but you're giving them more information. Given the channel is secure, you don't have to worry about the clear text password being sniffed.

    Besides, if your hashing algorithm requires a salt, you would be exposing your salt, which means if they ever got access to the database, they would be able to decrypt every password.

    0 讨论(0)
  • 2020-12-23 12:32

    I think it makes sense in one circumstance; you don't want to even know the client's plaintext password. If you hash at the client side, then salt and iteratively hash that hash the same way you would a plaintext pw. Other than that, its kinda silly.

    0 讨论(0)
  • 2020-12-23 12:34

    Yes, you should.

    IEEE had a data breach in which 100K emails and passwords were exposed from a weblog.

    http://ieeelog.com/

    Obviously, IEEE should not have exposed their weblog! But if they had hashed the passwords at the client side, this wouldn't have been nearly as bad.

    As the first answer states, you should use a nonce. If you use a long enough nonce (e.g. 128 bits), you don't really need to worry about reuse, as the server will never ask for the same nonce twice (assuming correctly seeded CRNG, etc.).

    0 讨论(0)
  • 2020-12-23 12:35

    No, hashing at the client does not protect the password 'completely'. When one opts to hash the password at the client, then the digest submitted to the server, essentially becomes the password. This is not a problem in itself if SSL is deployed.

    However, this scheme ends up creating more problems than it solves. If the server were to compare the hash submitted by the client with a stored hash in the database without performing any further cryptographic operations (especially hashing the input data), then the password is stored in clear text for all practical purposes. Any person with access to the stored hash can re-submit it to the server and gain access to accounts.

    In simple terms, if the submitted hash (which is the same as the submitted hash) were to leak via any other vulnerability within the application (via SQL injection, for instance) then the application has a vulnerability where in it protects the passwords inadequately.

    If the underlying vulnerability must be fixed, then it is necessary to treat the submitted hash as a password in clear text, which should then be hashed (with a salt preferably) before comparison with a stored hash.

    0 讨论(0)
  • 2020-12-23 12:36

    I can give you different kind of approach If you have not SSL you can hash password on client side and again it hashed on server side using another hashing method and store them on database and when user login with password do the same process and match double hashed password with stored hashes

    0 讨论(0)
提交回复
热议问题