Over the past couple years we have seen many instances of online companies experiencing major data breaches due to poor or non-existent password hashing techniques. Organizations such as eHarmony, LinkedIn, LivingSocial, Last.fm, have collectively had millions of user passwords stolen. Despite widespread publicity around these breaches, and many reporters calling out the mistakes these companies have made around their hashing techniques, these types of breaches are only becoming more common.
Fortunately, for companies who want to prevent a data breach of their users’ passwords and and other personal information, and keep their names out of the headlines, it is fairly easy to do hashing right.
Four things you should do to get password hashing right:
- Choose a good quality hash algorithm. Do NOT use MD5 or SHA-1. These are known to be weak and you should just never use them. Use one of the SHA-2 family of hashes such as SHA-256 or SHA-512. Yes, I know about the theoretical weaknesses of the SHA-2 family and that we will soon have a replacement for SHA-2. But use the best you can for now.
- Always use Salt with your hashes. A Salt is some extra data that you add to your password (or any other field that you are hashing) to avoid a rainbow table or brute force attack on the hashed value. Adding Salt can make cracking a hashed value much more difficult.
- Use a strong Salt value. Using a few characters such as a GUID or short hex string won’t really give you that much additional protection. I would recommend adding a minimum of 128-bits of cryptographically strong Salt to the password you are hashing. We use a 256-bit value in our applications. Using an encryption key might be an excellent choice for your Salt value if it is provably cryptographically strong.
- Protect your Salt. Leaving the Salt value lying around in a user file or in the clear is a really bad idea. An attacker who has easy access to the Salt value can efficiently attack the hashed value. You must protect the Salt value as you would an encryption key by using an external key management hardware security module (HSM).
If you take these four steps you will have a much more secure and defensible strategy for hashed passwords, will take you a long way down the road to better security of users’ sensitive information.