Comments on: Web Password Hashing

By: mark

mark — Sun, 20 Sep 2009 01:41:36 +0000

read a bit more…I am still learning, but some people are confusing a HASH with Encryption.

A hash generates a fixed # of characters, and is a one-way process. It is different than encryption which is a two way process.

First: there are several different hashing algorithms, the cracker wouldn’t know which was used. Even if it was known, and while you can say it isn’t “impossible”, the term used is that it is “infeasible”.
Second: the cracker wouldn’t be able to assume the username at one site is the same at another.
Third: you can use more than one “master password”.
Fourth: the convenience of running the Firefox add-ons / extensions is supplemented by the fact that you can run widgets or apps, or even save a website html page with the javascript to run it locally. And, since there are several of the same sort of projects out there, you have the choice of several open source projects and can verify this stuff yourself.

By: GoogleÍÆ¹ã

GoogleÍÆ¹ã — Tue, 22 Nov 2005 17:01:05 +0000

google×ó²àÍÆ¹ã×šÀž|googleÍÆ¹ãÍÆŒö·þÎñÉÌ_£¬ÎÒÃÇµÄ·þÎñ£º Äã¿ÉÒÔžùŸÝ×ÔŒºµÄÐèÒªÏòÎÒÃÇÌá¹©Ò»žö»ò¶àžö¹ØŒüŽÊ£¬žùŸÝÄãµÄÒªÇó°Ñ¹ó¹«ËŸ ÅÅÃûÔÚGoogleÍÆ¹ãµÄÇ°10 Î»¡£ ¿Í»§ÎªÊ²ÃŽÑ¡ÔñGoogle×ó²àÍÆ¹ã?

By: way three

way three — Mon, 14 Nov 2005 12:59:15 +0000

Während die glazial geprägten Landschaften

By: passwords for

passwords for — Sat, 12 Nov 2005 22:23:16 +0000

Nice post, where can I email you to ask something in private?

By: ŒõËÙ»ú

ŒõËÙ»ú — Wed, 26 Oct 2005 02:42:57 +0000

ÎÒÃÇÎªÄúÌá¹©ŒõËÙ»úÏµÁÐ²úÆ·¡£

By: JC

JC — Mon, 09 Aug 2004 23:59:44 +0000

Not a perfect solution, certainly, but it’s a heck of a lot better than a yellow post-it note.
With a global password, (really just a seed for the hash) that very patient bad guy might have to work years to break a single person’s data, if the encryption was good enough. Or rather than a global password, a half dozen bits of data… SSN, DOB, father’s middle name, childhood street name, etc, which you put in one time when installing the app, and then it can build the hash from that… but you’ll still know those components when you move to a new machine. Hmm. Can it print out all the passwords it’s created in case you need to use one from a machine it’s not installed on? hmm.

I wonder how it handles variable password lengths… does it create a 300+ key password hash and only use the maximum number of characters the site allows, or?
Perhaps I should RTFA, huh? :-)

By: Jonathan Hollin

Jonathan Hollin — Mon, 09 Aug 2004 21:40:12 +0000

Great explanation Fyodor. Thank you.

By: Fyodor Isakov

Fyodor Isakov — Mon, 09 Aug 2004 12:48:11 +0000

In a nutshell: the example.com stores the hash, which is calculated as a function of password and the domain name:

hash (pwd, domain-name)

Now, suppose the bad guy broke through to the example.com and has access to all hashes. All he needs to do now is to apply this function to the domain name (example.com) and the unknown password, and compare the results with stolen hashes. If match is found — the password is recovered. Needless to say that passwords are substituted from a dictionary or chosen at random from predefined alphabet. And yes, he can use all the computing power at his command, since the hash algorithm is open.

Apparently, the paper authors do recognize this problem and provide some sort of solution to it, see it on slide 11 of ppt file. I was too lazy to look it up earlier, so my apologies. However, the proposed solution (global pwd to strenthen all hashes) only adds another unknown variable to the hash method:

hash (global-pwd, pwd, domain-name)

Therefore, a very patient bad guy still has a chance to break this.

All I had to say is: no smart technology can protect you if you use weak passwords and/or use same password on different sites. Even worse, an unsavvy user might be tempted by the false sense of security provided by such technology and may become too relaxed. And so he falls an easy victim of bad guys.

By: Jonathan Hollin

Jonathan Hollin — Sun, 08 Aug 2004 22:42:05 +0000

“what prevents the cracker to run a dictionary/brute force attack and recover the password?”

Over the web? He’d have to have an awful lot of patience.

Please, explain where you think the vulnerability is – it would be interesting to see how the authors of the paper respond.

By: Fyodor Isakov

Fyodor Isakov — Sat, 07 Aug 2004 11:52:42 +0000

Sorry, I don’t get the point. The hashing algorithm is known, right? The hash is calculated from pwd and target domain name, right? So, having acquired the hash from example.com’s users DB, what prevents the cracker to run a dictionary/brute force attack and recover the password?

To have a global username/pwd is actually a really bad idea.

By: Bob Owen

Bob Owen — Fri, 06 Aug 2004 13:31:41 +0000

Hmmm, I would guess a similar effect which would be more portable, but possibly less useful would be to have a bookmarlet to handle the hashing. I’ll have to look into this.

By: Jeroen Coumans

Jeroen Coumans — Fri, 06 Aug 2004 07:24:49 +0000

Is this the same Blake Ross from Mozilla marketing fame? See . If so, I guess we can expect that this will be incorporated into Firefox 2.0: .