md5("" + id) not a good idea perhaps
md5("" + id) not a good idea perhaps
| Issue ID: | 739 |
| Issue Category: | security |
| Component: | core |
| Priority: | minor |
| Status: | active |
| Assigned: | mymmn |
| Milestone: | 1.0 |
| Keywords: | patch exists |
Given how easy it is to guess the ID - is the solution on the security page a good idea.
Updates
#1
We're using the ID as a salt for the one-way hash of the password. It wouldn't be hard at all to get the ID if you have the encrypted database; it's stored in the same table.
Then again, the salt is usually stored with the hashed password.
http://en.wikipedia.org/wiki/Salt_(cryptography)
I don't think this is a particular problem.
I also don't know what "the solution on the security page" is. Can you be more specific?
#2
#3
I am personally a very big fan of the UNIX 'crypt' function. Having a crypt compatible string in the database would make it easier to integrate with other password checking services.
Though it wouldn't really improve security immediatly, using crypt does allow for compatible updating to more secure hashing than MD5 (SHA1 and SHA512 even).
For example MD5 strings are $1$salt$hash while SHA512 are $6$longersalt$muchlongerhash - and as long as the db `password` column fits both versions, only the PHP crypt() support would set a limit to what hashing functions can be used.
#4
Posted a merge request for a plugin that adds functionality on user password change and login if desirable: https://gitorious.org/statusnet/mainline/merge_requests/206
crypt() enables much better password authentication compatibility, by means of integrating with other services and such, than an arbitrarily salted hash.
#5
You can also subscribe to the
RSS feed for updates to this issue.