How to secure your password list so that Strongbox and others can do their job

[raymor]

High_Times made a very good post bringing up the very big problem
of how easily crackers can download and crack your entire
password list.
http://www.gofuckyourself.com/showthread.php?t=459989

That thread is about to hit 3 pages, with few or no replies explaining
how to solve the problem. I figured I'd start a new thread covering
the solution for those who don't want to read through pages
of replies to his post.

Many people who replied to his post mentioned that Strongbox
will do a very good job of detecting and handling compromised
passwords. Strongbox will do a good job of detecting and
notifying you of a password that the user gives out, preventing
your passwords from getting cracked by dictionary or brute force
attacks, and letting you know if your entire password list ever
does get cracked.

However, if you let a cracker download and crack
your entire password list something like password sentry,
Strongbox, etc. will simply do it's job and block all of these
compromised passwords, which would leave legit users without
access. What you need to do is first secure your password list
so that a cracker can't simply download your whole membership
list and post it on a password site or wherever, THEN have
Strongbox watching for any individual passwords that get
compromised somehow.

Having your whole member list cracked is kind of like having
your hard drive totally fail in that people don't think about it
too much because it doesn't happen every day, but when it
does happen it's a BIG problem. Also like a hard drive failure,
it's fairly likely that eventually it will happen to you.

If you are using an old fashioned .htpasswd file that's only
encrypted with an algorithm called DES which is next to
worthless. If those DES encrypted passwords are based on English
words, which they normally are if you let your users choose
their own passwords, a cracker can decrypt many of those
passwords within seconds. You have to secure your passwords
better than that. High_Times made some good suggestions
on how to avoid having your list cracked, but I wanted to
go a little further.

First, how to know if this is a problem for you:
1) If you have a file called .htpasswd you have problem.
2) If you let users choose their own passwords you have a problem.
3) If your database or password file has the passwords in
it in clear text you have a problem.
4) If any of 1-3 applies to you and you run PHP scripts, you
probably have a bigger problem.

PHP scripts make the problem worse because most of them,
including most of the most popular ones, include a security hole
that will let the attacker download your password list or database.
So especially if you use PHP you'll want to be sure your password
list is not easily cracked.
I know some of you PHP script code monkeys will want to argue this point.
Be alerted that if you do I'll refute your argument by exploting a
hole in this PHP board to change your sig to "I'm a PHP newbie
who argues with experts when I don't know what I'm talking about." ;)

High_Times mentioned that DES encryption, used in most .htpasswd
files, is no longer effective. I've run a cracker program against
some customers' password lists and indeed I was able to
crack many passwords in seconds. Part of the reason it's so
weak is that it only uses the first 8 characters of the password.
With user chosen passwords the first 8 characters are often
found in a crackers dictionary because they choose passwords
based on English words.

You CAN use the much stronger MD5 algorithm for your .htpasswd file by having your processor's
add password script slightly modified and using the following
directive in your .htaccess:
AuthDigestAlgorithm MD5
However, Apache's uses a slightly non-standard MD5 implementation,
so that may well create a problem for you in the future.
Better is to put your usernames and passwords in a MySQL database.
Any processor's script can be fairly easily modified to use a
MySQL database instead of a password file. You can then
use Strongbox to read those passwords or install mod_auth_mysql.
Do NOT put clear text, unencrypted passwords inb a MySQL database.
Some of the well known user management scripts do exactly that.
Some of these scripts are made by friends of mine, so I won't
name names just yet, but if you distribute such a script fix
that now. By next year I will be naming names. If you use a
user management script ask them if they store the passwords
in clear text and ask them to adjust it so that it instead stores
a MD5_hex hash of the password.

Now that you've fixed up your encryption, you also need to have
reasonably strong passwords. Contrary to popular belief, using
punctuation marks in passwords doesn't improve security much
at all. (Count the bits.) Allowing certain punctuation marks
does, however, make you vulnerable to code injection attacks.
The best ways to make passwords strong is to make sure that
they are not plain english words or based on english words and
to make them reasonably long. That means you can't let users
choose their own passwords, or else you need a very good
password checking script to make sure they don't pick weak
ones. Does that mean you have to set CBill to create those ugly
random passwords like J8*Ul7^ag% that noone can remember?
No! Not anymore. CCBill will let you upload a large list of
user/pass pairs that it will assign to users. The ideal password
is reasonably long (8-14 characters), not based on a dictionary
word, and yet easy enough to remember. Note the phrase
"based on a dictionary word". fuckoff1 will get cracked quickly.
We've written a script that produces nearly ideal passwords.
They are somewhat pronouncable and there can be remembered,
yet they are long enough and not based on english words.
Some usernames and passwords generated by our script
in short mode:

Code:

uarainaca   niladonkn
sexweepri   spitskido
lymphricb  frucsphin
trufsecev    pantygenc

long mode:
spunloomjago chopscorpssl
luxereclrirr       mesrandcourt
qualmionochi  ovavimzotep
erynphisrhuc  seisskulldik

"spitskido", "pantygenc", or "frucsphin" won't be found in a
hacker's dictionary, yet can be pronounced and therefore
remembered.

If you'd like us to generate a list of 10,000 or so user/pass combos
for you to upload to CCBill or whatever processor you are using
just drop us an email. We'll be writing a script for using our
passwords with Paycom some time in the next couple days.

I'm sure someone will post a reply bringing up something I forgot,
but that's about it I think.
To review:
Old fashioned .htpasswd is bad, very bad.
Use MD5 or SHA1 rather than DES.
Use MySQL to store the passwords via either Strongbox or mod_auth_mysql.
Generate good passwords rather than letting users choose bad ones.
Make sure your PHP and CGI scripts are up to date on security patches.
Now your password lsit is secure and you're ready to use
Strongbox or another system to catch any passwords that may
be given out and to prevent brute force/dictionary attacks.

[Robertf]

please change my sig for the hell of it

[newbreed]

So when can you start installing this thingy on my server?

[raymor]

Quote:

Originally Posted by newbreed

So when can you start installing this thingy on my server?

Nothing for me to install, really, since you are already using
a MySQL based user management system and you
already have Strongbox.

I've emailed you the URL of the password list I generated for you.
I made it with 30,000 user/pass pairs, let me know if you need
more than that to last you for a while. You can upload that list
to CCBill.

Your user management system is totally closed source, encrypted,
so I can't modify it for you to store the passwords using strong
encryption. The only people who can make any adjustments
to it are the guys you bought it from, so you'd have to talk
to them about having it store the passwords as an MD5 hash.
Then we'll configure Strongbox to read directly from that
database and to compare based on MD5 hash.

[fris]

Quote:

Originally Posted by raymor

Nothing for me to install, really, since you are already using
a MySQL based user management system and you
already have Strongbox.

I've emailed you the URL of the password list I generated for you.
I made it with 30,000 user/pass pairs, let me know if you need
more than that to last you for a while. You can upload that list
to CCBill.

Your user management system is totally closed source, encrypted,
so I can't modify it for you to store the passwords using strong
encryption. The only people who can make any adjustments
to it are the guys you bought it from, so you'd have to talk
to them about having it store the passwords as an MD5 hash.
Then we'll configure Strongbox to read directly from that
database and to compare based on MD5 hash.

i would like to do a review of proxypass, strongbox, and pennywize for protectadult.com

[WebGemsHosting]

Nice, Raymor!

I will contact our strongbox customers and let know to contact you.

[Kevin2]

Ray has always been a fountain of knowledge Thanks for the informative post Ray

[nofx]

you can still always bruteforce

[pstation]

you should also always add a salt hash as well....

[raymor]

Quote:

Originally Posted by nofx

you can still always bruteforce

Note that with good passwords it would have to be a true
brute force attack and not the far more common and
much easier dictionary attack. With reasonably long passwords
and MD5 a brute force attack would take a very long time.
It'd be possible to do, but why bother when it just takes a
few minutes to rip the whole password file of some other site?
Also Strongbox will prevent a web based brute attack.
To even attempt a brute force attack they first have to get the
password list.

[V_RocKs]

Very good info's Raymor

[JFPdude]

and if your host doesn't make mod_auth_mysql available for you for gods sake get the .htpasswd file out of the web accessible directory and into a secured area and at a minimum rename it.

There are a lot of precautions you can take so that your are more secure and most of them are easy to implement.

Most people use http://mygreatpaysite.com/members/.htpasswd to store their password then wonder why they were hacked so easily.

[V_RocKs]

Quote:

Originally Posted by nofx

you can still always bruteforce

Haha... sure you could. First you'd have to write bruteforce program that can OCR strongbox's turing test. Then it'd have to run very slow or Strongbox will close of the form for a while so that no one can use it. Then you would have to have the list of username/password pairs that the site used because dictionary words would be pointless, as would the password files of any other site. Or you would need to bruteforce the characters. Even if it was basic authentication this would be a daunting task.

[Babagirls]

i have my own codes for passwords, dont need to all that LOL

[V_RocKs]

Good thread... Still crazy after all of these years... Still the same companies having the same problems.

[Lace]

Jesus 4+ year bump...