1. You should never store passwords themselves, even if encrypted, if the encryption method is reversible.
  2. You should only store the result of combining the password with a per user (derived) salt and passing it through a slow, one-way encoding algorithm.
  3. To authenticate, you obtain the password combine with the derived salt and encode again. If the result matches the stored value, you authorise.
  4. To handle the forgotten password scenario, you generate a random password, encode and replace the encoded token in your database.

    Get the randomly chosen password to the user somehow* and then force them to change it immediately the first time they log in.

    Preferably, they should have to log in and choose their new password within a short time period; and where possible, from a previously known location/machine.

In this way, if your datastore for the encoded authentication tokens is ever stolen, the thieves would have to brute force every single token, because although the encryption method is the same for every token, and they may have also determined the derivation of the salts, the salt is different for each user. Thus they cannot just encode a dictionary of pass phrases with a single salt and search the database to see if any of the tokens match the result.

Ie. They would need to encode every word or phrase in their dictionary with the derived salt for each and every account. Choose a nice slow encryption mechanism and it becomes too time consuming to bother.

With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority". The enemy of (IT) success is complexity.
In the absence of evidence, opinion is indistinguishable from prejudice.

In reply to Re: OT: Storing encryption keys securely by BrowserUk
in thread OT: Storing encryption keys securely by Beatnik

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.