Our password hashing has no clothes

Our password hashing has no clothes

Interesting write-up, basically saying that current server-side password protection techniques are useless because

a) People all choose non-unique passwords, and the most common bajillion or so passwords that people use are already known and stored in a database from previous attacks
b) Crypto hashing algorithms are really fast, but they don't need to be nearly so fast

The only things us users can do to protect ourselves is use
a) Really long passwords
b) Completely non-predictable passwords

i.e. use a password manager that can generate long, random strings of gobblygook.

I wonder also why web developers don't use some pseudo-proprietary algorithm to create passwords so that it's not something stock standard that comes bundled with password cracking programs...

 

All you need is PBKDF2. The author of that article mistankenly called PBKDF2 a hashing algorithm, but it's not. It is in fact a key-stretching scheme that can utilize any hash function. Truecrypt uses it. Dm-crypt/LUKS on Linux uses it. Hopefully most web based password databses use it. If not, they should.

And crypto hashing algorithms are designed to be fast. The SHA-3 competition is going on right now, and speed and efficiency is one of the main features that NIST is looking for. You want speed in your hash algorithms in almost every case *except* for password hashing. But, again, that's why PBKDF2 was devised.