Password Storage

BLM768 via Digitalmars-d-learn digitalmars-d-learn at puremagic.com
Thu Nov 26 21:03:01 PST 2015


On Friday, 27 November 2015 at 02:05:49 UTC, H. S. Teoh wrote:
> For authentication, the password shouldn't even be sent over 
> the wire. Instead, the server (which knows the correct 
> password) should send a challenge to the client (i.e., a large 
> random number produced by a good RNG -- which is different each 
> time the user authenticates). The client should then prepend 
> this challenge to the password typed in by the user, and 
> compute the hash of the result. This hash is sent back to the 
> server, which does the same computation on its own, and checks 
> whether the two hash values match. Provided you're using a good 
> cryptographic hash, the only way the client will be able to 
> provide the right answer is if the user actually knows the 
> password. At no time is the password ever sent over the 
> network, encrypted or not.
>
>
> --T

The issue I see with this is that the server has to _know_ the 
password in order to hash it with the challenge. If the server is 
compromised, guess who else knows the password now?

Some kind of public-key encryption/signing might work, though.
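
The exchange described in the quoted message, together with the storage problem raised in the reply, as an added Python example that is not part of the original thread. The `Server` class, the function names, the choice of SHA-256 and the sample credentials are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def response(challenge: bytes, password: str) -> bytes:
    """Client side: hash of the challenge prepended to the password."""
    return hashlib.sha256(challenge + password.encode("utf-8")).digest()


class Server:
    def __init__(self):
        # The server has to keep the password itself, not a one-way hash,
        # because it must recompute response() for every fresh challenge.
        self.passwords = {}  # username -> plaintext password
        self.pending = {}    # username -> outstanding challenge

    def register(self, user: str, password: str) -> None:
        self.passwords[user] = password

    def start(self, user: str) -> bytes:
        """Issue a new random challenge for this login attempt."""
        self.pending[user] = secrets.token_bytes(32)
        return self.pending[user]

    def verify(self, user: str, resp: bytes) -> bool:
        challenge = self.pending.pop(user, None)  # each challenge is single use
        if challenge is None or user not in self.passwords:
            return False
        expected = response(challenge, self.passwords[user])
        return hmac.compare_digest(expected, resp)


def demo():
    server = Server()
    server.register("alice", "correct horse")  # constructed sample credentials

    # Normal login: only the challenge and the hash cross the wire.
    first = response(server.start("alice"), "correct horse")
    login_ok = server.verify("alice", first)

    # A captured response is useless against the next challenge.
    server.start("alice")
    replay_ok = server.verify("alice", first)

    # What a leaked server store exposes: the stored value alone is enough
    # to answer any future challenge, which is the concern in the reply.
    leaked = dict(server.passwords)
    from_leak_ok = server.verify(
        "alice", response(server.start("alice"), leaked["alice"]))
    return login_ok, replay_ok, from_leak_ok
```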

