I have a list of user accounts with passwords in different formats (Binary 11, Binary 3, Binary 33). When I export as ldif, it has all encrypted passwords. I want all passwords as plain text. (As I can see in ldap). Can I have plain passwords in exported file?
I doub it. When you export as LDIF, it has all hashed passwords. Not encrypted. You can't decrypt a hash. You can't get the plaintext. You don't want the plaintext. See here for why not.
Review your requirement.
Related
I am developing an application and I have a connection key for this application. I want to keep this key encrypted in Firebase and use the decrypted version in the app. So I'll keep it encrypted in Firebase and decrypt it and use it in the app.
I am using Firestore.
You can think of it as a password control system. It is kept encrypted in Firebase, the encrypted password is decrypted in the login part and the password accuracy is checked.
Thanks in advance for the help.
Usually passwords are stored as hashed strings, not like encrypted data.
If you want to encrypt before uploading to database and decrypt in the app after fetching it, you can use any of the symmetric encryption algorithms
If you want to store passwords as hashed strings, you can hash the password with sha-256 before uploading to the database and when you need to check in the app if the given password is true at login, you can hash with the same hashing algorithm and compare with the hashed strings in the database.
I am using aspnet membership provider and by default HASHED password format were being used behind the scene and recently i got that password retrieval is not possible using that format. so i need to change password format to CLEAR OR ENCRYPTED however after doing this
is there any possible way to change password of existing data through database? OR i need to delete all records and start to create from scratch?
Also how one can handle situation where need to change password format from CLEAR to ENCRYPTED?
No, you will not be able to decrypt a hashed password. Hashing is by definition one-way. The two-way option available is the encrypt option, or clear.
The main function of hashing a password is for one-way encryption. Even internally when values are compared they are compared as hashed values.
[OK, technically one could decrypt a hashed value, but this enters into the realm of hackers, rainbow tables, salt values, and I do not think you wish to go there]
For more please see here
I need to encrypt content in my web application on a per-user basis.
I, the root user, do not want to have access to users' content, period.
How can I make it so users are the only ones with access to their content? Perhaps I can make it so a hash of their login password acts as an encryption and decryption key (then their password is stored one-way hashed in my database, and the encryption/decryption hash is generated from their raw password on login and stored in a local cookie)? But what if they change their password? Then I have to update all their content which could take a lot of processing power.
Is there an encryption method that would provide this, without having to re-encrypt their content if their password changes? Something similar to ecryptfs on Linux, perhaps? Is researching ecryptfs a good place to start?
Is making it so only the user can access their content on my servers (and not even me) even feasible?
Process:
Generate a random secret to encrypt their content.
Using their provided password encrypt the random secret from #1.
Store their password as a one-way hash (with salt, maybe multi-hash).
Upon Password change:
Re-generate the value from step #2.
Re-generate the hash-cache from step #3.
Upon Login:
Hash password and check against hash generated in step #3.
If password matches - use actual provided password to decrypt random secret from #2.
Use random secret from #2 to unlock data encrypted in #1.
Notes:
No one can decode the data without knowing the random secret (#1). Random secret can only be unlocked with user's actual password (#2) (short of brute-force). User's actual password is only known in one-way hashed form (#3) so you can confirm it's the same, but cannot decode it and recover #2.
A forgotten password process is not possible (you can regenerate #3, but random key in #2 is now lost as is everything locked in their vault).
You don't have to re-encrypt everything in step #1 every time they change their password, only the (simple/quick) random secret from #2.
If you cache their provided password, or the random secret generated at step 1, or their (decrypted) content anywhere you could cause data leaks.
You're spot on that you need to use their password as a key.
I wouldn't monkey with ecryptfs because an encrypted file system isn't the best solution. You wouldn't want one user's data to be encrypted with the same key that another user used.
When you encrypt the data, you should generate a random string to use as salt. This prevents someone from using a pre-generated list of hashes to decrypt your data. It also changes the hash of two people who might use the same password.
When a user changes their password, you'll have to re-encrypt the data and generate a new salt value. This is the level of security I would expect as a customer, knowing that when I change my password, I'm re-encrypting all of my data to prevent someone from trying to brute force my key.
You can store the salt value in your database unencrypted.
I'm using ASP.NET membership for a site that will serve primarily sophisticated users. I understand the difference between hashed and encrypted passwords, and I'm trying to decide between the two.
After my last client complained bitterly about hashed passwords being a total PITA, I've started to favor encrypted passwords. But someone suggested this just isn't secure enough.
So my question is: What, exactly are the risks of encrypting passwords? Any person with the ability to steal passwords by decrypting them from the database would surely have the ability to reset them if they were hashed, no? I'm having trouble seeing where someone could cause trouble with encrypted passwords but couldn't with hashed ones. Making it convenient for users is also important.
The risk with decryptable passwords is that people use the one password for various logins and accounts, not just for the application you are dealing with.
With an encrypted password, a
stolen/decrypted password could be
tried out on users' other accounts (e.g. a stolen banking password could lead to access to their email).
With a hashed password, there is no
recovery. Theft of password hashes
should never easily yield usable
passwords
Treat passwords as the property of the account owner. It's not yours to view, decrypt, or do other things with. If a user forgets their password, offer reset, and not retrieval.
The point is that Encrypted passwords can be decrypted...so it is possible that with having access to the keys etc all the passwords could be known.
Hashed (with salt) passwords are a 1 one function so there is effectively no possible way of determining what the password was which means the user supplying the password has less to worry about. Sure someone could change the hash in where ever it is stored (e.g. database) so that user could no longer log on, but the password they had provided originally still wouldn't be known.
Edit
As you've tagged the question ASP.Net, I'd recommend using BCrypt.Net library to generate your hashes
The risk is, that encrypted passwords can be decrypted to get the plain text password.
Hashes normally can't be reversed.
Reversing an MD5 Hash
A quite common occurance is people using the same username and password on all their internet sites.
All it takes is one site password to be decrypted, and all the users sites are at risk.
While with a hash, the cracker never gets the plain text password.
As other users have said, encrypted passwords can be decrypted and are not a good idea.
If you use a standard hash technique the user who has access to your database could put in the standard md5 for "password" for example. You can solve this issue with a salted hash which takes the input string and a salt string value to create a unique hash that can not easily be replicated. Store it somewhere safe and use sha1($salt . $input). You now have a salted hash.
I am currently using MD5 encryption for storing the password in the database. We didn't have the password reset functionality before. But now we are implementing it. So I can't decrypt MD5 and send the password to the user. But I can do if it is encrypted in base64.Now I am little bit confused which is best encryption method.
I already did the client side validation for strong password (like 8 char length, special characters etc).
Base 64 is not an encryption mechanism, it is an encoding scheme. It is easily reversed, so it is not a good choice for protecting critical data.
The common approach for passwords is to hash them with something like MD5, and then store the hash. When the user logs in again, hash the input password, and compare that to the stored hash.
If the user forgets his password, you should not be able to tell him what it is. Instead, allow him to reset it to something else (presumably something he can remember).
Also, as #Phil Brown mentions, MD5 is not considered a strong encryption mechanism. SHA-1 would be better suited for this task.
Base 64 encoding is generally used to transmit binary data over a mechanism that only allows ASCII text.
Base64 is not encryption, it is an easily reversible encoding mechanism. MD5 is a one-way cryptographic hash, though its use is not recommended because it is cryptographically weak.
For your needs you probably want to store the hash of the password (better with salt), probably using SHA-256 or better. When users forget their password, you generate a random one-time use password for them and force them to recreate a password, or just make them do it after verifying some credentials.
Base64 and MD5 are not encryption methods. Base64 is simply a way of encoding characters, which provides absolutely no security - it is as good as storing the password in plain text. MD5 is a hash function, which means it is one-way and cannot be decrypted.
Hashing is definitely the way to go. MD5 is okay, but you should switch to a more secure function such as SHA-256.
As for a "forgot password" feature, never store the user's password and send it back to them. Instead, generate a (random) temporary password for them so that they can login and change it.
Best practice is to store the password hash using MD5 as you are now (or even better SHA256).
Don't do password recovery. Instead, when a user forgets their password, create a new random password and send it to them. They can then login and set the password to something they prefer. Much more secure.