Do bad passwords produce bad salted hashes?

Question

When you have a password stored in a database that has been strongly hashed and salted does it really matter if the underlying user password is weak?

If you setup features like limiting login guessing and use captchas to stop automated guessing can you effectively make up for a weak password such as "password"?

I guess my question is does using a password like "password" make the salted hash any weaker than using a longer password such as "fish&*n0d1cTionaRYatt@ck"? - Are all salted hashes equally as secure or does it depend upon the password being a good one?

Answer 1

Salted hashes are designed to protect against attackers being able to attack multiple hashes simultaneously or build rainbow tables of pre-calculated hash values. That is all. They do nothing to improve the underlying strength of the password itself, weak or strong.

This also means that they're not designed to defend against online attacks, so they have no impact on an attackers ability to manipulate your login form, where the salt is irrelevant, because an attacker isn't computing hashes directly, but entering candidate passwords into a form that may be (as you said) rate limited or protected by a captcha.

Weak passwords are weak. Strong passwords are strong. Salts don't affect this equation in any way.

Answer 2

You have to consider two attack vectors:

• Online attack
• Offline attack

Limiting login guessing helps against Online attacks.
Let's say it's three times, this means that an attacker can test ALL accounts for the three most common passwords that fit your password policy (how about "password", "12345678" and "12345"?).

Salting helps against Offline attacks
Same unsalted hashes are the same cleartext password. So every hash has to be computed once, not once for each salt. Even with a salt, the attacker can still try a dictionary attack, and no one (except his limit of computing power) will stop him, because your "three strikes" rule won't apply here.

Weak passwords reduce security in both cases
Online attack: If you allow common passwords (like "password" or "12345"), attackers will be able to break into 5% of your accounts in three guesses.
Offline attack: Here, they will also try the most common passwords first, of course. So if they compute 3 hashes per user, they have already broken 5% of the accounts...

Answer 3

Salting/hashing is great if your database gets stolen, but it has nothing to do with dictionary attacks that might take place through the normal login procedure.

As you mentioned limiting the number login attempts and using CAPTCHA can make dictionary attacks that take place through the normal login procedure ineffective, but salting (or not) won't have any effect on that type of attack.

Even with the limited logins attempts and CAPTCHA in place, allowing super weak passwords is not a good idea, and if a malicious user is determined enough or sees enough value, they can find ways to exploit that weakness.

Answer 4

No, one point of salted hashing is to get good randomness in the hash regardless of the starting material.

However, this does not free us to use bad passwords. Good hashing only protects against one attack vector: that where the intruder steals the file with the hashes. So many other attack vectors on passwords exist... shoulder surfing, brute forcing, modified brute forcing (with intelligent starting guesses and so on)... that good passwords are still important.

Salted hashing will protect good passwords but won't rescue you from bad ones.

Answer 5

Generally, the most important thing is password length. But it is true that an easy password could be broken down easier than a random one. For example, when you are trying to guess a hash using rainbow tables. If it is a normally used word like "cat" it is more likely that you can have it in this table than "07OFmy3HOY3l9e1gCNww7nNpd5lQ8I9an" ;D

Answer 6

In theory:

If the attacker has not built a rainbow table, if a password of some strength can be hacked in 1 unit of time, then N passwords of that strength can be hacked in O(1) time without salt and O(N) time with salt. That's what salt does. No advantage on a fixed password; shows advantage over multiple passwords.

If the attacker has a rainbow table, without salt, a weak password - in this case "weak" means "already in the rainbow table" - is as good as naked. With salt it will still need to be cracked in however many seconds that might take.

In practice: Password strength is way more important than any of this. Sometimes rainbow tables are mere convenience; if you have a million passwords that weak, they're permeable even salted.

Answer 7

If you picked one of the three weak passwords "love", "dog" and "cow", and a password database was lost: Without salts, I can try these three passwords and find immediately everybody in the whole database using these three weak password. With salting, I have to try love+your salt, dog+your salt, cow+your salt to crack your password if it was ridiculously weak, then repeat the same with everybody in the database.

If a hacker attacks you specifically, then salting doesn't help. It only helps by making it impossible to attack the whole database, instead requiring an attack against each individual user in the database.