PHP password_hash and password_verify incorrect false positive?

Question

im new to PHP password functions, but this seems incorrect to me.

";

$should_fail = $pw . $peppa . ".1asd223";
echo password_verify($should_fail, $passhash);

?>

As you can see im adding some additional random characters to the end of my should_fail test against password, but its still returning True for a match

I would exepct this to fail as there are additional characters at the end that shouldnt match the original... am i missing something obvious here or is this a bug in php (possibly my php)

Version 15.6.30

martinstoeckli · Accepted Answer

As MarkBaker already mentioned in his comment, this is a limitation of the BCrypt algorithm, which truncates passwords to 72 characters. For passwords this is more than enough and not a security problem, but in your case it seems you reach this limit because you want to add a pepper.

Never should a password be truncated because of adding a pepper. A pepper can increase security of weak passwords. Assuming that the pepper is of reasonable size, passwords which reach the limitation are very strong, and for those passwords a pepper is not necessary. So if you put the pepper at the end, you loose a part of the pepper, which is better than loosing a part of the password.

That said, there are much better ways to add a pepper. You get the same benefits from encrypting (twoway) the hash with a server side key. This key is actually similar to the pepper, but you have the advantage that you can exchange the key whenever this seems necessary (a pepper becomes part of the password and cannot be changed until the next login). I tried to explain this at the end of my tutorial about safely storing passwords. If encryption is not an option for you, then at least use a HMAC to combine the pepper with the password.

PHP password_hash and password_verify incorrect false positive?

Answers (1)

Related Questions