[SOLVED] How to salt passwords?

[Prodigal Son]

Hi,

 

So up to this point I've been hashing passwords with the sha1 function and that is relatively easy, but I've never gotten to salting passwords, which I'm sure I should do. I've never really gotten to understand it though, which was my reason for avoiding it. From my understanding your supposed to concatenate a random string onto the hashed password? How exactly does this work. Let's say someone registers and you hash their password and add a random salt and place it in the database. Next time when they log in how will you know how to get that random salt that you used? Or if the salt is not random and a static string, then that doesn't really add anything security does it? Maybe I'm missing something. ???

[DarkWater]

It's a static string that only you know that obfuscates it from the real value and makes it nearly impossible to crack and get an accurate password.  Use all sorts of characters and make it nice and long.

 

$salt = 'AL898a0d8**#901-00193*(/#*';

[Nhoj]

The idea behind it is that if someone obtained a copy of your database some how the passwords stored in it would be very, very difficult to crack accurately. For example if someone had the password 'fluffy' and you stored it in your database as an MD5 string it would be 'ce7bcda695c30aa2f9e5f390c820d985'. If someone tried to crack the password they could attempt to crack it and come back with 'fluffy', bam, they now have someones password.

 

Keep in mind this would only be plausable if someone were to actually obtain access to your databse and not your login or password creation script. Now, in continuance, if you were to save all your passwords with a salt, for example '&()$*/123@!#$%89213fluffy!%&*(!#*$(_!#$*(;'. That would be saved as an MD5 string of 'f07d229946c35a0bbc380a2b1c7c5376'. If someone obtained your database and tried to reverse that password it would add an incredible amount of difficulty to it. In addition, most MD5 reverse lookup sites only lookup known MD5 strings to convert them to readable text. The chances of someone cracking the previously mentioned password when all they know is the MD5 string, are very, very, very slim.

 

Hopefully that makes a bit of sense hehe

[Prodigal Son]

The idea behind it is that if someone obtained a copy of your database some how the passwords stored in it would be very, very difficult to crack accurately. For example if someone had the password 'fluffy' and you stored it in your database as an MD5 string it would be 'ce7bcda695c30aa2f9e5f390c820d985'. If someone tried to crack the password they could attempt to crack it and come back with 'fluffy', bam, they now have someones password.

 

Keep in mind this would only be plausable if someone were to actually obtain access to your databse and not your login or password creation script. Now, in continuance, if you were to save all your passwords with a salt, for example '&()$*/123@!#$%89213fluffy!%&*(!#*$(_!#$*(;'. That would be saved as an MD5 string of 'f07d229946c35a0bbc380a2b1c7c5376'. If someone obtained your database and tried to reverse that password it would add an incredible amount of difficulty to it. In addition, most MD5 reverse lookup sites only lookup known MD5 strings to convert them to readable text. The chances of someone cracking the previously mentioned password when all they know is the MD5 string, are very, very, very slim.

 

Hopefully that makes a bit of sense hehe

Oh so you add the salt BEFORE you hash the password. I thought you add it afterwards lol. I think I'm getting it now.

 

So do I have this right: My password is secret (for simplicity) and my salt is salt. So I take secret and add the salt to it (secretsalt). Then I use sha1/md5 to hash it. If a hacker cracks it he will get secretsalt and if he tried to log in with that it wouldn't work?

 

In your example, do you just use substr to put the password in between the salt? In your example, if someone saw "&()$*/123@!#$%89213fluffy!%&*(!#*$(_!#$*(;" they might have guessed that fluffy is the actual password. If you wanted could you even break apart someone's password in half and put the salt in between?

 

Last question. I remember people that use random salts via time() and other similar functions so each person has a different salt. How would that go about working? How would you know the salt your using?

[Nhoj]

I'm not sure how someone would go about using time as their salt, never seen it done, unless they linked the salt to maybe the account creation time which would be stored in the database as well. In theory with that method it would probably be just as secure as long as no one knew that your salt was linked to said database column, etc.

 

In addition, to hash something like i previously mentioned with the fluffy example you could simply do something along the following.

 

$salt1 = '!(#&*(@!#*';
$salt2 = 'KLSDKF@!3';
$mypassword = 'fluffy';
$newpassword = $salt1.$mypassword.$salt2;
$hashed = md5($newpassword);

 

If you were to echo $newpassword it would come out as

!(#&*(@!#*fluffyKLSDKF@!3. Cracking the MD5 for said password would be INCREDIBELY difficult.

[Prodigal Son]

So the purpose of the salt is making it harder to crack? I assumed no matter how simple or hard your original password is the md5/sha1 is the same? Like for sha1, its always 40 mixed letters and digits right? If your pass is simply "secret" vs a pass of "3je8f9h4fuis8", they both end up being 40 mixed letters and digits. But I guess for regular words people already know the hashes for them?

 

Yea, I wonder how to do a random salt. Let's say someone cracks a few passwords, let's say they are one, two, three. And say your salt is firstsalt and secondsalt. They would see a pattern right?

 

I.e.

firstsaltonesecondsalt

firstsalttwosecondsalt

firstsaltthreesecondsalt

 

But if you had a random salt it would be pretty harder to identify? I guess I will use a static string as a salt for now, still a step up from using no salt 

 

Oh yea, I was also wondering where to store the salt, is it not safe to put in on any regular page, should it be above the root?

[Nhoj]

I'm pretty sure you're on par with that. If someone were to crack a few they might notice a pattern, however, the idea behind it, at least as far as I know, is to simply make it harder to crack initially. And yes, you are correct, all sha1 hashes are 40 characters and all md5 are i believe 32, however, the amount of time required to crack, as far as I am aware, increases with more difficult strings.

 

In addition, a lot of the online reverse md5 or reverse sha1 sites simply do a lookup of the hash to see if a known string is available for said hash. The chances of one of these sites containing a completely obscure string containing your salt is much smaller than the chances they have the hash stored for 'fluffy' in their search database.

 

EDIT: The following site might help enlighten a little also http://www.phpit.net/article/handling-passwords-safely-php/

[Prodigal Son]

Cool. Thanks for helping me understand