[lug] Application Password Security
bgiles at coyotesong.com
Mon Jun 20 14:57:46 MDT 2016
I would hope the history contains the hashed password, not naked passwords!
The most obvious solution is to only keep the last 32 bits of the old
password hashes. The odds of an accidental match are only 1 in 2^32 - the
odds that someone will get a false positive is negligible. You'll still
need to retain the salt used in the prior hashes, of course.
If you want to be even more obscure you can create a 256-bit array (only 32
bytes) and use a bloom filter. For each byte in each of the hashes set that
particular bit in the array. If you use all 20 bytes in 5-8 prior hashes
then you'll have a good mix of set and unset bits and the results should
appear completely random and impossible to extract prior hashes from.
You can combine these approaches. Details left as an exercise for the
On Mon, Jun 20, 2016 at 2:44 PM, George Sexton <georges at mhsoftware.com>
> I'm writing a password security update for some software. I'm going to a
> BCrypt algorithm which uses a salt, and an iteration count to transform the
> password. I would go to Argon2, but I'm just not seeing a Java
> implementation yet.
> The software has historically had a feature that stops users from re-using
> passwords by keeping a history. If the password database is compromised,
> along with the password history, then I'm potentially serving up not only
> their current password, but historical ones as well.
> The question I'm struggling with is what's the bigger security risk? Users
> re-using passwords, or my app keeping historical passwords. Although I'm
> making it pretty expensive to generate a dictionary, it still won't be
> impossible. I guess where I'm ending up is that the chance of BCrypt
> password being compromised is lower than the risk of a user cycling through
> the same (or small set) of passwords.
> I would be interested in hearing what others think...
> George Sexton
> *MH Software, Inc.*
> Voice: 303 438 9585
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the LUG