[support] Passwords in Drupal

Craig Jackson tapocol at gmail.com
Fri Oct 3 18:51:54 UTC 2008 

http://drupal.org/project/salt

Plus, there was a huge issue ticket that got committed to Drupal 7 in April:
http://drupal.org/node/29706

Hope this helps,
Craig

On Fri, Oct 3, 2008 at 12:37 PM, Daniel Carrera <daniel.carrera at zmsl.com> wrote:
> Hello,
>
> This isn't a question but rather a comment. I'm not sure if this is the
> right list to bring this up. I just noticed that Drupal stores user
> passwords as a simple MD5 sum: md5($password)
>
>
> Sure, MD5(passwd) clearly beats plain text, but I was hoping for
> something better. In particular, I was hoping to see secure salts and
> maybe other security features. The current system has vulnerabilities.
> You can compute the hashes for a standard dictionary of passwords and
> compare the hashes. Some passwords are very common ("password" and
> "password1"). I just tried it on my system an I found 6 users whose
> password is password. Because MD5 is a very cheap function and there are
> no salts, a dictionary attack is quite easy.
>
>
> I understand that there are already millions of Drupal users and you
> can't drop MD5(pass). But I can still suggest a simple upgrade path that
> results in a secure hash. A future version of Drupal (e.g. Drupal 7)
> could use a hash of the form:
>
>
> $salt = "uqYmV7yoUFYLQ5AspBK";  // Anything long and random is fine.
>
> $hash = hash_hmac('sha1', md5($passwd), $user_id . $salt);
>
>
> There, simple. The last parameter the key, but we only use it as a salt.
> Notice how each user gets a different salt. This makes dictionary
> attacks more difficult. I use HMAC rather than SHA1 because it has great
> key-mixing properties. With SHA1 the salt ($user_id.$salt) would have
> important weaknesses.
>
> If a future version of Drupal used this hash, it would be easy to
> migrate users from previous versions of Drupal. The upgrade.php program
> would grab the password field - MDF(pass) - and user id of each user,
> compute the new hash, and store that back into the password field.
>
> For brownie points we could add another step that runs the hash through
> a slower compression algorithm like Blowfish or Serpent. The idea is
> that if computing a hash is more expensive, we can foil dictionary
> attacks more effectively.
>
> What do you think?
>
> Daniel.
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>

More information about the support mailing list