Passwords, How Websites Store Them

Many online services still need to store user passwords securely. Difference between encryption, hashing and salting. The news of computer attacks that lead to the theft of usernames and passwords on the sites of more or less famous online service managers is almost the order of the day.

Tools like Have I been pwned track these incidents and allow users to see if their credentials were involved. In 2021, RockYou2021 was presented, a list containing 8.4 billion passwords traceable to users worldwide and related to a vast array of online services. RockYou2021 is a compendium of credentials rounded up by cybercriminals in the course of attacks carried out over the last few years.

This archive, together with many others, has highlighted how common the practice of using weak passwords (short, easily guessable, containing terms found in dictionaries,…) and sharing them among several different services is today. In this way, once a service has been acquired, the attacker can access the others used by the same subject.

However, adequately managing passwords is not only the user’s responsibility but also the online services that store those same passwords in server-side databases. Unfortunately, the user needs to know which methodology is used on the server side to protect his passwords. As a client, there is no visibility into the code running server-side.

In other words, after creating a user account on-site “X”, it is unknown what technology tools are used to protect passwords. User passwords should always be saved on the server side using cryptography: a potential attacker or an unfaithful employee will be unable to get hold of them and read them “in the clear”.

You have yet to learn, however, of which and how many websites still store passwords today without applying any form of protection. It is usually impossible to know if a certain website stores passwords correctly and protects them using encryption.

Certainly, however, if by clicking on the Forgotten password or I forgot my password link, you receive an email with unencrypted credentials, the website is certainly not behaving correctly, and the passwords are certainly stored without applying any form of protection.

Same thing if the password is sent by email after the conclusion of the registration procedure. The Plain Text Offenders site collects a list of services that maintain unencrypted passwords on their servers and defy any guidelines and good security laws. Some names are truly unsuspectedly.

Unfortunately, Plain Text Offenders no longer seems updated, and the latest reports stopped in May 2021: the site is still an excellent starting point to check if, in the meantime, the parties involved have solved the problem and to understand how storing passwords in clear text server is a bad habit that is still difficult to eradicate.

Server-Side Password Protection: Encryption, Hashing And Salting

Encrypting passwords stored in a server-side database (for example, the list of registered customers on an eCommerce site) is good. Regardless of the cryptographic algorithm used, the passwords are encrypted using symmetric encryption, therefore using an encryption key known to the service manager.That key, however, is unequivocally saved somewhere: a cybercriminal can find it and thus have the ability to unencrypt all user passwords stored at the database level.

The Plain Text Offenders site mentioned earlier contains a list of sites that save or are used to save user passwords in clear text and those that use a reversible cryptographic algorithm. A good solution to server-side password protection is to use hashing algorithms. A hashing function is a non-invertible function that, starting from a string, produces a sequence of bits (called digest ) strictly correlated with the data received as input.

However, without inherent security problems, it is impossible to use the digest to go back to the starting string, reporting it in clear text. Each hashing algorithm leads to a fixed-length output. Thus, for example, with SHA-256 (one of the most used hashing functions), a 256-bit hash value is obtained, usually represented with a hexadecimal string of 64 characters.

Each hash value is unique: if two different incoming messages produce the same hash value, a collision occurs, making the algorithm unreliable. In 2017, after at least two years of studies, Google demonstrated a collision in the SHA-1 algorithm, demonstrating that it was a function that should no longer be trusted.

Hashing algorithms are commonly used to check if a file downloaded from the web matches the one produced by the developer. If the hash value coincides with the one published by the manufacturer on its website, the file is unchanged. We talk about it, for example, in the article on downloading the ISO image of Microsoft Office.

The choice of the best and safest hashing algorithm plays a fundamental role: in some cases, cybercriminals, using brute force attacks and the so-called rainbow tables, can try to reverse the hash function and trace the users’ real passwords Martin Hellman and later Philippe Oechslin worked on rainbow tables starting from a compromise between time and memory.

Rainbow tables contain millions of matches between passwords and corresponding hashes: they take up a lot of space but allow you to get to data decryption quickly. The hash corresponding to the password will be cleared compared to all the table’s existing hashes. This can reveal which plaintext password is tied to which hash.

At each step, a separate reduction function is used (highlighted with a different color, hence we speak of a “rainbow”), which converts the hash into simple text belonging to an indicated group (for example, strings with certain characteristics in terms of alphanumeric characters used). By repeating the process thousands of times, you get a chain in which only the first and last password-hash values are kept on the disk.

Rainbow tables have a structure designed to manage millions of pairs (string/password, hash), usually starting from commonly used words. Try searching Google for the hashes obtained by applying the three algorithms MD5, SHA-1 and SHA-256: you will find the immediate match with the starting string, in this case, rainbow.

High computing power is required to use the rainbow tables on the net; however, there are ready-to-use tables optimized for the various hashing algorithms. Using cloud services such as those of Amazon, Google and Microsoft, you can significantly reduce processing times and trace a clear password by examining its hash.

To defend against this attack, you can use an intelligent salting technique. “Salting” a password means adding a value ( cryptographic nonce ) to the beginning or end of the password to arrive at a different hash value. Before hashing, random data is generated and added to every single password to make it even longer and more complex.

The important thing is never to use a single string to “salt” all the passwords or choose one that is too short. After salting, cracking passwords can be extremely time-consuming and computationally expensive for potential cyber criminals. It will be even more so if the password chosen by the user is already complex on its own. That’s why you should always use a strong password, regardless of the site you’re registering on.