raja777m

Reputation: 411

How to hide password from Post request url and browser dump

This might be an old question, but I still didn't find a proper answer to it, so please be patient. I have an https login page which uses a form POST and sends the credentials to the server...blah blah.

At the time of login, if you use IE and press F12 for network monitoring, then click "start capturing", you can see a URL similar to login, servetloginauth (from gmail.com), and you can see the request body with your username and password. Okay, one can argue that you can only see that if the user didn't log out.

Now log out, don't close the browser, and take a browser memory dump (any browser, any version) from Task Manager (I'm not sure how to do the same on a Mac). Open the dump file in the WinHex editor and Search/Find "password=" or the actual password (since you are testing your own login, you already know your password). You can see the password in clear text.

Now my question is, how can I mask the password: 1. Either in the POST request body 2. Or, when the browser saves my credentials in memory, I need them to be masked/encrypted, or the browser should not keep the password at all.

My JSP code:

<s:form id="login" name="loginForm1" action="login" namespace="/" method="post" enctype="multipart/form-data" >  
      <fieldset><!-- login fieldset -->
        <div><!-- div inside login fieldset -->
                <div....
                  <label for="password" class="loginLabel">Password</label>
                  <input type="password" name="password" id="password" class="longField nofull absPosition" size="16" autocomplete="off" alt="Password" placeholder="Password" title="Password|<

The current solution I have is below, but I need alternatives that don't take much effort.

The password can be read from memory if it is being sent as cleartext. Using the salted hash technique for password transmission will resolve this issue. Hashing is a cryptographic technique in which the actual value can never be recovered. In the salted hash technique, the passwords are stored as hashes in the database. The server generates a random string, the salt, and sends it along with the login page to the client. JavaScript code on the page computes a hash of the entered password, concatenates the salt and computes a hash of the entire string. This value is sent to the server in the POST request.

The server then retrieves the user's hashed password from the database, concatenates the same salt and computes a hash. If the user had entered the correct password, these two hashes should match.

Now the POST request will contain the salted hash value of the password, and the cleartext password will not be present in memory.

SHA-256 is a strong hashing algorithm available today; ready-made implementations in JavaScript are available and quoted in the "Good Reads" section.

Note: For pages containing sensitive information, or pages where data can be modified in the database, use JavaScript to flush the memory of the browser.

and the images are as below. [three screenshots]

On an additional note, I could settle for something Citibank does for its customers on its website. I logged in to the website, and in the dump I see my username is masked (as it appears on the website); I need something that does the same for the password field too. Can someone explain to me how to do it, please? [screenshot]

Upvotes: 6

Views: 11686

Answers (2)

AgilePro

Reputation: 5618

What you are suggesting has a serious security flaw. If you calculate the hash in the browser and then send it to the server (without the password), then the server can't trust that the browser actually calculated the hash. A hacker might merely have read the file of hash values and constructed a program to send the hash value in. The security comes from the server (a trusted environment) having the password, which cannot be guessed from the hash, and then proving to itself that the password produces the hash.

If you send both the hash and the password, then you have not solved your problem about the password being available in clear text.

There would seem to be a way if you hash the password multiple times. You can hash the password once (or more times) in the browser, and use that for subsequent hashing calls on the server. It seems normal to hash multiple times (although it is unclear how much this really makes it more secure). The point is that the browser would be holding an intermediate value which would not tell you the password that the user typed. It would, however, still tell you the value that you need to send to the server to authenticate the user. That value is in fact a proxy for the password, and is usable as a password in calls to the server. But ... it is not the password that the user typed in.

One final way that looks like it might work: use asymmetric encryption. The server provides a salt value and a public key. The password is encrypted using the public key, and can only be decrypted by the private key held on the server. Because the salt value changes every session, the encrypted value held in memory would not be usable in another session. The server decrypts the value and extracts the salt, which gives it the password with which to go ahead and do password authentication.

Upvotes: 2

Per Arne Andersen

Reputation: 544

You have to decide how the passwords are stored in the database. There are multiple ways to do this, but there is no way you can create anything that is IMPOSSIBLE to hack/read.

However, you can limit MITM attacks by hashing the password X number of times before sending it to the server. When the hash is received by the server, you do X number of new hash rounds. You should also figure out how to manage your salt.

This should be sufficient for most applications. Also, this is how most applications do it these days.

gpEasy: http://gpeasy.com/ does this by hashing SHA-256 50 times on the client side, then another 950 rounds on the server, 1000 rounds in total. This also includes a salt which is calculated from its "current hash".

import hashlib
import re

def hash(pw, loops=50):
    # Each round: drop the hex letters a-f from the current value, read the
    # salt offset from the first remaining digit and the salt length from the
    # third, take that slice of the current value as the salt, then hash
    # value + salt again. A missing or non-digit character falls back to 0.
    pw = pw.strip()

    for i in range(loops):
        digits = re.sub(r'[a-f]', '', pw)

        try:
            salt_start = int(digits[0:1])
        except ValueError:
            salt_start = 0

        try:
            salt_len = int(digits[2:3])
        except ValueError:
            salt_len = 0

        salt = pw[salt_start:salt_start + salt_len]
        pw = hashlib.sha512(pw.encode('utf-8') + salt.encode('utf-8')).hexdigest()
    return pw

This is a version of the algorithm mentioned above, computing the hash with a salt taken from the first digits of the current hash.

Upvotes: 1
