MD5 Passwords in MySql?
Adam Tauno Williams
awilliam at whitemice.org
Mon Mar 25 07:50:26 EDT 2013
On Mon, 2013-03-25 at 11:40 +0000, Charles Bradshaw wrote:
> Yes I understand and accept the weakness of MD5. In the world of
> exponentially increasing processing power there will always be weakness,
> of ANY scheme.
> The question is not however about the efficacy of encryption methods!
> It's about how to achieve password hashing in a mysql database.
> I have indicated how to use AES. Its' strength however is compromised by
> the necessity of revealing the key in many places.
> I would be most great-full, if anybody KNOWS:
> Is there a way to store MD5 hashed passwords when using the mysql
> plugin?
I have no clue. BUT I still wonder what the end-goal is. If you are
actually worried about theft of the underlying database then it would
seem volume encryption is the correct answer - encrypt the entire
database, on disk. That isn't hard and doesn't require modification of
any software.
Anyway, storing essentially clear-text credentials in the authorization
database (be it a KDC, an LDAP server, an Active Directory server,
etc...) is normal, accepted, and common. Most worthwhile authorization
schemes require an 'effectively' clear-text secret on both ends. Guard
the credential database and ensure communication channels are secure
[encrypted]. "Make /etc/passwd useless" is an abandoned meme, you
cannot win that fight.
> Security through obscurity is always a bad principle.
No one here is recommending that or stating that it is.
> On Mon, 2013-03-25 at 08:59 +1030, Daniel O'Connor wrote:
> > On 25/03/2013, at 7:33, Charles Bradshaw <brad at bradcan.homelinux.com> wrote:
> > >> That seems very wrong to me.
> > > It might be a kludge, but it's not wrong. It avoids storing plain text
> > > passwords, which are always a risk. The purpose of MD5 digest is to make
> > > passwords truly private to the user. Not even root knows users passwords
> > > when stored in shadow(MD5).
> > > The only risk to shadow passwords is a brute force attack which is
> > > relatively easy to detect and foil.
> > FYI a single round of MD5 is considered quite weak these days.
> > The whole point of hashing a password is to make it difficult to find a password if the password DB is leaked. MD5 is no longer sufficient for this (even with salt).
> > A modern GPU can brute force billions of passwords per second and humans suck at generating them.
More information about the Info-cyrus
mailing list