开发者

What's the most secure way to encrypt a password using PHP without a database

I'm working on an application and I don't want anyone figuring out the algorithm for the admin username/password.

I would like to clarify first of all:

  1. Is website security just based on the complexity of algorithms?
  2. What's the most secure method, or maybe there's a GPL source code link you can recommend? (Would that not be feasible since the algorithms are ac开发者_StackOverflowcessible to anyone who can Identify where I got the source code from?)
  3. I'm not using MySQL for my application, I don't need to.

What's your suggestion for how I get as secure as possible without spending money. Time is a luxury I do have. Just PHP and minimal JavaScript.


What you need is a hashing algorithm (such as md5 or sha1), these are "one-way", meaning you can easily hash a string such as a password, and compare the resulting hash to your stored hash. You cannot however take the hash and convert it back to the password.

See http://gr.php.net/manual/en/function.sha1.php for the sha1 function.

MD5 and SHA1 are well known algorithms, SHA1 is the more secure as there are current mechanisms to facilitate easier bruteforcing of MD5 hashes.


Passwords MUST NEVER be encrypted, this is a clear violation of CWE-257. Passwords must always be hashed and SHA256 is a very good choice.

SHA256 is extremely powerful and very secure because it is public and there for heavily audited. The use of a private algorithm is shunned in secuirty as it is called "(in)security though obscurity"


I would recommend you start by reading this article: http://phpsec.org/articles/2005/password-hashing.html

It tells you how to generate a secure hash using a salt. If you read the whole article you should be able to understand how to improve the final function at the end.


I suggest using a hash function that has been specifically designed for use as password hash, such as bcrypt, as opposed to standard hashes like SHA256. This makes it much harder to crack the passwords in case the hashes leak.


Your question seems to imply that the encrypted password is somehow accessible from the network.

That should not happen - either use .htaccess or equivalent to restrict access to that file, or simply store it outside your document root. That way a potential attacker won't have anything to attempt to decrypt even if they do know the encryption algorithm.

That said, there is a large number of crytpographic hashing algorithms, that will encrypt your password to a form that is highly improbable (but not impossible) to be reversed, even if an attacker does acquire your password file/text.

The Wikipedia article above has a nice list with various algorithms and the current estimates about the difficulty of reversing an encrypted password for each case.

Most modern environments already have support for the most potent of these algorithms. For PHP:

http://php.net/manual/en/function.sha1.php

http://php.net/manual/en/function.hash.php

The second one provides some variety to choose from...

EDIT:

Keep in mind that even the best hashing algorithm won't help very much if your chosen password is johnycash or something similarly easy to guess using a brute force dictionary attack.

Quite often, the weakest link of a system lies in the people that use it...


Re: "Is website security just based on the complexity of algorithms?"

No, there are many thing you need to do to make a website secure.

Some things you must prevent are:

  • SQL injection
  • Code injection
  • Directory traversal
  • Cross site scripting
  • Flash parameter injection
  • Session hijacking
  • Password brute forcing
  • Cross site request forgery
  • Man in the middle

and probably many more...

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜