0

Suppose you store a bunch of hashed passwords, but your hashing algorithm gets broken. What is the best practice?

It seems like the only safe practice would be to take the old password hashes (hashed with the semi-broken algorithm Hash1()) and hash the hashes with a new hash, not known to be broken (Hash2()). And now when a user enters their password, you hash the entered password with Hash2(Hash1()) to see if it matches.

This seems like the only logical conclusion, but I've never heard of this recommended anywhere as a best practice. Is this a known best practice that's already documented somewhere? Or is there an error in this reasoning, or a simpler way to achieve the same thing?

tim
  • 29,018
  • 7
  • 95
  • 119
Bennett
  • 653
  • 3
  • 9
  • 6
    Duplicate of [Is there any recommended approach for "upgrading" MD5 hashes to something secure?](https://security.stackexchange.com/questions/127298), [How to upgrade the hashing method of a live database without compromising security?](https://security.stackexchange.com/questions/17268), [How to replace an old password hashing method with a newer one in software?](https://security.stackexchange.com/questions/90561), [Hash function change](https://security.stackexchange.com/questions/19310) and [more](https://www.google.com/search?q=site%3Asecurity.stackexchange.com+upgrade+password+hash). – Steffen Ullrich Apr 30 '19 at 19:45
  • I streamlined your question a bit by removing the thoughts about cracking stored hashes (that's clearly not a viable option) and the aside about salts which doesn't seem relevant. Feel free to revert if you think I removed relevant information. – tim Apr 30 '19 at 19:47

0 Answers0