0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

Risk of user password recovery in leaked application database

Posted at

Introduction

One of the application design practices is, user passwords should not be stored into a database directly. A better way is to hash the password by hash function (e.g. sha1) and store the password hash.

Potential vulnerability

Below is a sha1 hash. Do you know the original value?

21bd12dc183f740ee76f27b78eb39c8ad972a757

I thought it was impossible to recover the original value because the hash function is a one way function. But I am PARTLY wrong.

There are some hash lookup websites, which store the hash value of commonly used passwords plus word lookup from a dictionary. When I lookup hash above in one of these websites, I got

P@ssw0rd

This is a commonly used password, used in training material of Microsoft product. When the database of an application is leaked, hackers can use this way (called dictionary lookup) to recover the password of an account using a weak password. Still there is no way to restore strong password.

Improvement

Try to append a string which is not related to user information to the password before passing to the hash function. But it is useless if the source code of the system is leaked also.

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?