Last week was a terrible one for password breaches. First LinkedIn revealed that 6.5 million password hashes were posted online, and then came the news that online dating website eHarmony and streaming music site Last.fm had suffered similar breaches.
Are these breaches a surprise? No, not really. Websites entice customers by offering compelling features and services, and customers are rarely willing or able to compare the security properties of competing services.
Even if a website uses SSL to protect a password in transit, the password will typically be exposed on web servers and data centre networks every time it is supplied by the user before it is hashed for comparison.
Attackers often merely need to compromise an edge-of-network web server with some malware to steal every password as it is provided or to steal password hashes. Attackers may target what they perceive to be lower-security social media services, in the knowledge that the same password may grant access to higher-value services such as retail or banking.
Banks have known this for a long time; this is why they prompt for random characters rather than the whole password and rely on a wide range of security questions or one-time password (OTP) tokens.
It gets worse. ‘Hashing' a password means obscuring the original plaintext into a format that cannot be easily read; this is intended to be a one-way process which is very useful for storing passwords.
Instead of storing a user's actual password, you can simply store the hash and use this to check whether someone has logged on with the correct details. Some websites originally used the legacy MD5 hashing algorithm to protect passwords; however, advances in cryptanalysis and computing power often make it necessary to move to newer, stronger algorithms. Many have considered MD5 to be compromised for around a decade, but not all websites have upgraded to SHA-1.
Even using a stronger algorithm alone is not enough. ‘Salting' is the process of adding an additional layer of security by hashing the password with some additional random data to ensure the hash is unique and harder to crack. Unfortunately, some of the breached services (and doubtless many others) haven't employed this technique.
Websites may attempt to upgrade the security of weakly hashed passwords by storing a freshly hashed password when each user logs in. While this is good practice, special care is still required to ensure that any copies of the weakly hashed password are securely erased.
Techniques to improve security can include: prompt users for parts of their password rather than then entire phrase; minimise the reliance and exposure of passwords through the use of techniques such as two-factor authentication, certificate-based authentication or OAuth with associated strong cryptography; and deploy a dedicated authentication service to ensure passwords and their hashed representations are exposed in the minimum number of locations and can be securely erased when no longer required.
Websites can also encrypt hashes using techniques such as transparent database encryption with HSM-based key management to prevent their hash theft and to simplify the secure destruction of old hashes. Or they can replace any legacy hashes with randomly salted SHA-1 or SHA-2 representations at the next user log-on. Even better still, use a key-stretching technique to reduce the rate that an attacker can test for dictionary passwords.
As we move towards smartphones and tablets where apps are able to store credentials on behalf of users, we are finding that we all use our passwords less: perhaps only to authorise higher-value transactions or to enroll new devices.
In a world where the relationship between customers and service providers is increasingly spontaneous, passwords will remain a convenient catch-all credential until identity federation becomes ubiquitous. It's time for all of us to think much more carefully about how we protect both our own passwords and those of others we serve.
Mark Knight is director of product management at Thales e-Security