PHP and MySQL Salt Security Question

Question

What if my server gets hacked and the hacker views my hashed passwords and can see what salt I was using.

Is it something to worry about?

Answer 1

If you're using only one salt for all passwords, a hacker can pre-compute a salted rainbow table, which will give him access to all passwords rather quickly.

You can use a random salt for each individual password, which means a hacker would have to compute such a rainbow table for every salt, in effect brute-forcing every single password, which would slow him down quite significantly.

You can further slow him down by using a deliberately slow hash that will slow down brute-forcing to a point where it may become infeasible. MD5 is the worst choice because it's really fast (and broken to boot). The SHA family was also designed to be fast, but is a better choice. Bcrypt or generally the *fish family is decent, but support among systems and languages varies. Be careful to use a hash variant of *fish, since they are also used for encryption (can be reversed).

See http://blog.phusion.nl/2009/08/13/securely-store-passwords-with-bcrypt-ruby-now-compatible-with-jruby-and-ruby-1-9/.

Answer 2

If the hacker has gotten into your system and has access to the database then its "game over" as far as your users privicy is concerned! The hacker has everything he wants except the users passwords which dont give anything he hasnt got already apart from the opperunity to spoof a user access --> which he can do very simply by putting his own hash and salt in the database!

So yes MD5 plus salt is "good enough" security in this case.

Answer 3

I am not an expert in this subject, but this is my understanding:

Given a salt, an attacker can build what's known as a "rainbow table", that's basically a reverse of the hash function. With this table, they can lookup an encrypted value in the table and get back an input password such that hash(password + salt) = encrypted value.

However, while lookups are quick, rainbow tables are very time consuming to build. A simple thing you can do is to generate a salt value randomly on a per-account basis and store it alongside the encrypted password. That way, if an attacker wanted to get passwords out, they would have to build a rainbow table for each user as opposed to building one site-wide.

(Having a salt is still much better than nothing because that way an attacker has to at least generate his own rainbow table as opposed to just downloading a stock one).

More information, and probably a better answer

Answer 4

Essentially the salt just makes the password stronger. It won't aid in the decryption of individual passwords if he has whatever your passwords are stored in and can run brute force attacks he can just figure out the salt when it ends up being the same in whatever passwords he decodes.

http://pbeblog.wordpress.com/2008/02/12/secure-hashes-in-php-using-salt/

This article has a pretty good explanation... so yes if the hacker can see your source code you should be worried but the salt alone isn't a big deal.

Answer 5

Yes. He'd still need to reverse the hash, which isn't easy by any means, but now he knows a key part of the plaintext. The salt plus a dictionary attack is much more likely to succeed than snooping over the wire (with no knowledge of the salt) would be

Answer 6

To see the salt he must have the source code, and when he has it, there are at least some things to worry about - he will see the mechanism responsible of creating password and a way of salting them.

Answer 7

It is not supposed to be a problem. The idea with salt values is that it prevents a rainbow attack (using precomputed values). So knowing the salt value does not expose a problem.

Answer 8

Yes it is. Now hacker can bruteforce them (if he knows how actually you salted the passwords).

Nothing more to worry - since you're using the salted passwords more intelligent attacks (other than bruteforce) cannot be applied.