0

i was wondering if this is a secure method for a hashing password.if it is not secure please tell me what to do in order to make it secure

$pass='test'//the password
$salt=openssl_random_pseudo_bytes(225);//generate salt
$pre_hash_pass=hash('sha512',$pass);//pre hash the password
$final_pass=hash('sha512',$pre_hash_pass.$salt);//THE FINAL PASSWORD

the result(cropped for it being too long ).the full RESULT(ON GOOGLE DOCS)

=m]ˆÂýÇâ&-Ù©Þ}§˜ü=l|‹|oÓÌ×±[ý’p'lJÛ|›¦nXÝx܆9óÔ¢¤ÿ‰"µ^¾õJ JI^íó,•±†û½L›T0*Stÿ#s´Ë§ÔMgå.£J§èeRzù/‡üœ¿ª¡ ǹáuT¯ '0¯ÄŒÐ²A@ü •uuYRpýš™ü5%P—í¬ïr‚×ODÜ—´“„?”öÛž;Bí#Þcõ&¾qLEâ« |Z¯ÔÐö%R•9âǸ—•êäxZ³ÎɶÉêS\™!qóœ[)ÚúÞçøƒŠº¾*Ü/X"Œê@µð¶¨$p1£B5iÚ Ú†õʬɦE3^ür¾auD»ëêA)d„ÏHzYÁepƒê¬~ô¡œ8e‡ñˆÖM&èæ<ëâM"-¹uSÂÖøsBŒiÓÑ!³ÊÅwÛö>kHåO'dyÁ(<Ýx´Ÿì¸¤˜)èÀ©@ëQæ‚Ëã:04q-‡è—žÄ­"tÌÀ±IŒW1p–̇bïV¢¼-$»¥ˆlË*Ê^¡´ZK ×±›mßhœôNþ`‰û§4p9 þ]Ùö®u*)ú24qØI£–]†#8kÐ>a…t fö¾¶+k—a ?L¯¶ƒÎµÜz‘k†—)+¥qþÞ \®qÔª|ãO¹¥ô?I°®íɨ‘‡3 dÿë€ìV&"+Ï}*L퀟h"p  Ø"ð¶Øäç6ˆkƒ¹òÓ@FK²Ä?åüï<:CˆšÛƒ1J®b™ý)žy´ÔĶa™_Áïx^—õö6Ãqc€õš¾©÷M—¡å´7ÁÑ©Nà›¶AÚ¢öEM:"¶Ž4iáîµ&Cþ²Pû¶££.ÿ *?©ñÞ`&ÞGøó§¦_B¸‡h–¦éÞæ'裩n¥êý5‘¿kcñV‰1?xçÛ#”C0ÒÁià¿0Ÿ¥çWdŘ]íhæS'ã'–ÿðò§ü‡ì¨šãfïï Á0ó7kÀ%±N“£\Br)"úkl슢˜˜[’€:º–Í  GaùÛaçˆwsÔÚ‚õòSd›±ltWZ›è_¹ªÿã§%ÉÞxŸKÊMUYÜJ@Šý+BBL¤®Š±    „¼‚ÈûæÀŠBñã“„º/oú–·fJäƒrÀ°‡¤N2¸×kìô"aõÙ%ÚÂWŸÿ–†Œ»Còc?…£Rw4ËZ_W§{b™”î—/ľ›:ºj;U.½ÓM “É¥8T37?¿UÃh5Ľ>éÎÔášÄxÀ¥ä·$í÷äÕÖ·¿Oowç<ÖÅ!XNâjW”öb1GâÔ¯yYÇ+¶pL´[sŠÍT.×KXNK“kh-ñ@bÌÜ^Ü÷]é ¿}fkøD‡0GE îŽï˜;pÂsŠ¶ZfÀ§1gjõÂcøwãj•‡'BšÓ{»£¬²BhaA2ÿT Ë~S{‹øÏàïnñhÁn ýˆÜzŽ*`5ÉŽAsqaùðĶü¿ƒ 5g>ë¥Uå!-£SÂr–ELÿ*à&;½¤&›y™Ž6¼³ªø ȮMP÷G©‹:ø_•ÜAaA«jb;‹¨ÓŠĹ‰¤¼l*S ï?ö„óÑ    žsÌ=,&å x— a´è2éòyÄlÝŠ*žÄ¥ÆnÀ¨ã³¡ ÝòÆFƒDÁ*D   ;™±™½fÀßÃ¥‹{â«ZËÅøÁY‚Œ”².—ÆÀMuüÃÙR™;c6ì€Î®û°Éƒ„bЖ{íWáßõíì’¬¾ßaÙ°^læ¿r{ƒ,ãaì?ZÞ‚á>m9‚€’ѧÑú\VFÏ\b¶c'E¨)óå€Â˜¾bæ¿;nðî¶Äê=fè8cÊ©"¹K sF¢Æš³   ²ˆô6*®&Øç$î6ÐZÆú”Ž‹S¹)šå‡j¶ý¥¹3áBy+ìç°ÏHHg®™:ä`Oà^4Æ–(Øx$…ÖýdÎÞfvr"ÙCU¼Áë¸;½›ÂMy.fRlÓûñ9HÕ6V•.–‚“3¬ig_HSÀíñæ…ïþ­qž—7¾_;ó«(«ãøguBš"ã·pÓïvŠªÜ²•tÚÒ=Jî„d|¤MxžŠÝ’Œ>(K_>ÏQl¯?2šËŒÂ(twQû¡&­ÌøŸ=Þ‹%âAœ LÇNjnYNæø }iÏaQx‘dO6ô¬z`oÔÝ.Ç"~]1¼@Ô¸tÏnÀZì»g¤'ãÜÆ' MbOÆ@R,I.ŠhéD›PAn'3áyþ‡5±+  xßM|T‘~Ð3¦èd-ï`S•![¹·)ÓÿQ'!‰]½+lkŸ+©àtk«HÂË»Œ"Zï¨ÓCú «@
Dev Man
  • 113
  • 5
  • 1
    No, it is not a valid method. The threat model of password storage is that the attacker will have access to the database and to the source code. He will be able to test candidates passwords and verify with the hash. This is why you salt the password in the first place, to slow him down. With that in mind, it will still be very fast for him to discover weak passwords with your scheme. Use bcrypt or PBKDF2 with many thousands of iterations. – Yolanda Ruiz Feb 25 '14 at 19:15
  • @YolandaRuiz Technically, the purpose of a salt is not to slow the attacker directly, but to prevent identical passwords from producing identical hashes, which eliminates common shortcuts such as precomputed lookup tables or password comparisons. – bonsaiviking Feb 25 '14 at 19:18
  • @YolandaRuiz `it will still be very fast for him to discover weak passwords with your scheme` my application doesnot allow password leghts below 8 characters also the application needs at least one uppercase,one underscore `_` and the password has to be a alpha numeric password – Dev Man Feb 25 '14 at 19:32
  • @Mr.coder: It's good to enforce password complexity if the users don't complain. You should still follow the industry standards because you'll have plenty of `Passw0rd_` or similar workaround the restrictions. Also you should not restrict input to alphanumeric, users should be able to use any special chars like `;@"'|` etc. – Yolanda Ruiz Feb 25 '14 at 19:52
  • @YolandaRuiz thats not what i meant by `alphanumeric` what i meant was like this: P@ssword_123 – Dev Man Feb 25 '14 at 20:07
  • Jeaus Christ! Is that a 2040-bit salt? Why?! – Adi Feb 25 '14 at 20:16
  • @Adnan iw was initially set to `rand()` hence the 2040 bit salt but scalled it down to `225` chars – Dev Man Feb 25 '14 at 20:18
  • Sounds fine. Where are you going to store the salt? – Sandokas Feb 25 '14 at 18:08
  • im storing it in a mysql db but do you think that there are any vunerabilities ?anything at all – Dev Man Feb 25 '14 at 18:14
  • You could hash multiple times (more than just 2). Pick a random number like 53 or something. Makes it harder to crack if the DB gets exposed – CtrlDot Feb 25 '14 at 18:17
  • Like @CtrlDot says, if you're storing the salt in the same place as the username you might want to be a little tricky on the salt usage. If db gets compromised but code doesn't it might be harder to guess the encryption sequence involved. Your code is valid nevertheless. – Sandokas Feb 25 '14 at 18:25
  • The code is correct, I am just presenting some ideas on enhancements. You could move away from SHA512 to something like bcrypt which takes a lot more memory/cpu to hash than SHA. Depends on your usage requirements tho... – CtrlDot Feb 25 '14 at 18:33
  • @Sandokas No, this is not fine. A password hash needs to be slow. Please read the duplicate question. Mr.coder: such password rules tend to be counterproductive: everybody makes the first letter uppercase and adds `1` at the end. [It's easier to memorize high-entropy passwords that are purely alphabetic](http://xkcd.com/936/). – Gilles 'SO- stop being evil' Feb 25 '14 at 20:21

1 Answers1

4

This is not secure. You have only 2 rounds of SHA-512, which is not computationally complex. Your salt is also a variable length (between 0 and getrandmax() bytes), which means storage will be unreasonably large (an average of 16 kilobytes of storage for each password?!).

Please do not attempt to create your own password storage system. Use one of the proven solutions: PHPass, bcrypt, PBKDF2, or scrypt

bonsaiviking
  • 11,316
  • 1
  • 27
  • 50
  • i need something that is native to php so if you could rule out the solutions for which i need to install something it would be very help full – Dev Man Feb 25 '14 at 19:22
  • @Mr.coder The bcrypt and PBKDF2 links are directly to php.net, so I assume they are included. – bonsaiviking Feb 25 '14 at 19:31
  • `Your salt is also a variable length (between 0 and getrandmax() bytes)` in place of `rand()` it is actually `225`.does it make any difference – Dev Man Feb 25 '14 at 19:37
  • @Mr.coder That was really the least of your problems, but yes, a fixed-length salt is better for database storage. Really, really, *really* do not write this yourself. Use an established method or you will regret it. – bonsaiviking Feb 25 '14 at 19:44
  • 2
    ok switching to bcrypt – Dev Man Feb 25 '14 at 20:10