盐和密码 [英] Salt and passwords

问题描述

可能重复:
保护PHP密码的哈希值和密码

Possible Duplicate:
Secure hash and salt for PHP passwords

警告:请勿将MD5用作密码，而应使用bcrypt之类的替代方法

WARNING Don't use MD5 for passwords, use an alternative like bcrypt

对于我的密码，我应该使用这样的盐(盐对于每个用户而言都是唯一的，并且不直接与密码一起存储)...

For my passwords should I use salt like this (the salt will be unique to each user and not stored directly with the password)...

$salt = sha1(md5("coders gonna code"));
$password = md5($salt.$password);

或者如果我刚使用过，也可以吗:

or would it be okay if I just used:

$password = md5($password);

因为如果我使用了salt，即使用户输入了错误的密码(例如password)，也没关系，因为salt(在这种情况下)将为145ac26ff093c6e1317f7d5fb4c9fd11c77be975，因此该密码的输入项将为145ac26ff093c6e1317f7d5fb4c9fd11c77be975password根据http://howsecureismypassword.net/的说法，破解需要10亿十亿年.还是我应该变得更糟

because if I used salt, even if the user makes up a bad password like password it won't matter because the salt (in this case) would be 145ac26ff093c6e1317f7d5fb4c9fd11c77be975 so the entry for there password would be 145ac26ff093c6e1317f7d5fb4c9fd11c77be975password which according to http://howsecureismypassword.net/ it would take 3 octodecillion years to crack.... so opinions? Or should I be even worse and go

$password = md5($salt.$password.md5($salt));

如果此人走得足够远，无法得到盐哈希值，那么有什么能够阻止它，然后再进一步吗? <最后一个密码的详细说明

If the person has gone far enough to get the salt hash, would anything be able to stop then going futher? < More of a statement this last password

对于每个说我应该针对每个用户执行此操作的人……我知道，这只是一个例子.

To everyone who said I should do it per user... I know, this is just an example.

推荐答案

您应该更改盐值，以使其特定于每个用户，而不是系统范围的常量.这将使针对您的密码哈希的彩虹表攻击更加不便.

You should change the salt so that it is specific to each user, not a system wide constant. This will make rainbow table attacks against your password hashes much more inconvenient.

在文章，作者:特洛伊·亨特(Troy Hunt).

There is a good write up on the evolution of salting in this article by Troy Hunt.

修改

$salt每个密码记录唯一的内容，这给它增加了很多熵.这通常是随机字节序列，与用户帐户一起存储.

$salt something unique to each password record, which adds much entropy to it. This is usually a random sequence of bytes, stored with the user account.

传统上，哈希是在salt + password的串联上完成的.

Hashing is traditionally done on the concatenation of salt + password.

$passwordHash = hash($salt.$password);

正如其他人所说，请勿使用MD5进行哈希处理.它坏了.

As others have said, don't use MD5 for hashing. It is broken.

不推荐，在哈希之前将其他专有算法应用于密码或盐.相反，请查看诸如 PBKDF2 之类的行业实力解决方案，该解决方案除了加盐外还需要许多(通常> 10k)重复的迭代，这将进一步降低攻击者的速度.

Applying additional proprietary algorithms to password or salt prior to hashing is not recommended. Instead, look at an industry strength solution such as PBKDF2, which, in addition to salting, also requires many (typically > 10k) repeated iterations which will further slow down an attacker.

如果您采用 OWASP准则，则应定期增加执行的哈希数(以抵消摩尔定律).每个用户的哈希数也应保持不变，这意味着您将需要存储哈希密码，盐和迭代次数的三倍.

If you adopt OWASP guidelines, the number of hashes performed should be increased regularly (to counteract Moore's Law). The number of hashes should also be persisted per user, meaning you will need to store the triple of hashed password, salt, and number of iterations.

这篇关于盐和密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！