In today’s digital world, data breaches and cybersecurity incidents have become all too common. One of the most critical aspects of securing sensitive information is how user passwords are stored.
The best practice for safeguarding passwords is to store them as hashed values, rather than in plain, readable text. Storing passwords as hashes provides an essential layer of protection that can significantly reduce the risks associated with password exposure in the event of a breach.
In this article, we’ll explore why password hashing is so important, delve into the mechanics of password hashing, discuss various types of hashing algorithms, and examine why breaking a hash is a resource-intensive and time-consuming process.
We’ll also touch on a notable security failure from Facebook, where millions of passwords were stored in cleartext, leading to a massive fine by the Irish Data Protection Commission.
What is Password Hashing?
Password hashing is the process of converting a password into a fixed-length string of characters, which is typically unintelligible to anyone who does not have the original password. Hashing functions are mathematical algorithms that generate this string (called a “hash”) from the input data (the password). Once hashed, the password is extremely difficult to reverse-engineer or “unhash,” making it a more secure method of storage.
One key distinction between hashing and encryption is that hashing is a one-way function. In other words, once a password is hashed, it cannot be decrypted back into its original form. Instead, when a user logs in, their password is hashed again and compared to the stored hash. If the two match, the login is successful.
Why Storing Cleartext Passwords is Dangerous
When passwords are stored in cleartext (i.e., without any encryption or hashing), they can easily be stolen and used if the system is compromised. Any hacker or malicious actor who gains access to the database would instantly have the ability to view the passwords and use them to break into user accounts. This becomes even more dangerous because many users reuse the same password across multiple sites. A breach in one system could lead to vulnerabilities across several platforms.
Moreover, storing cleartext passwords exposes businesses and organizations to legal and regulatory repercussions. A prime example of this is Facebook’s security blunder, where it was discovered that the social media giant had been storing millions of user passwords in cleartext.
Facebook’s Cleartext Password Scandal
In 2019, it was revealed that Facebook had stored hundreds of millions of user passwords in cleartext within its internal systems, making them accessible to over 20,000 employees. This scandal caused a major outcry over Facebook’s lax security practices. Given the sensitivity of user data and the fact that Facebook handles billions of user accounts, the lack of even basic security measures like password hashing was seen as a major violation of trust.
The Irish Data Protection Commission (DPC) conducted an investigation and, as a result, Facebook was fined €265 million under the General Data Protection Regulation (GDPR). This incident highlighted the risks of storing passwords insecurely and emphasized the importance of best practices like hashing to protect users’ privacy.
Common Hashing Algorithms
There are several types of hashing algorithms used for password security, each with varying levels of complexity and strength. Here are a few of the most common ones:
- MD5 (Message Digest Algorithm 5): MD5 was once widely used but is now considered obsolete for password hashing due to its vulnerability to collision attacks. MD5 produces a 128-bit hash value, but because it’s relatively fast and has known weaknesses, it’s not suitable for storing passwords securely.
- SHA-1 (Secure Hash Algorithm 1): SHA-1 produces a 160-bit hash value and was widely used for many years, but it too has been found to be vulnerable to attacks. As of 2017, researchers demonstrated successful collision attacks on SHA-1, making it unsuitable for secure password storage.
- SHA-256: A member of the SHA-2 family, SHA-256 is far more secure than MD5 and SHA-1. It produces a 256-bit hash and is widely used in secure systems. However, it is still relatively fast, which makes it vulnerable to brute-force attacks without the addition of other techniques like salting.
- bcrypt: bcrypt is designed specifically for password hashing. It incorporates a salt (a random value added to the password before hashing) to prevent precomputed attacks (such as rainbow table attacks). Additionally, bcrypt is designed to be slow, making it much more resistant to brute-force attacks compared to MD5 and SHA-1.
- Argon2: Argon2 is one of the newer password hashing algorithms and was the winner of the Password Hashing Competition in 2015. It’s specifically designed to resist GPU-based attacks by being memory-intensive. Argon2 allows developers to configure its performance, balancing between time complexity and resource usage.
Why Breaking a Hash is Time-Consuming and CPU-Intensive
Breaking a hash typically involves reverse-engineering or brute-forcing the original password by trying various combinations. Since a hash function is one-way, the only practical way to break it is by trying multiple possible inputs until the correct one is found. There are several factors that make this process difficult:
- Brute-Force Attacks: A brute-force attack involves systematically guessing every possible combination of characters in the password until the correct one is found. The time required for a brute-force attack depends on the length and complexity of the password. For instance, a password containing numbers, uppercase and lowercase letters, and special characters will have significantly more combinations than a simple alphanumeric password, making it harder to break.
- Salting: A salt is a random string added to the password before hashing. This ensures that even if two users have the same password, their hash values will differ. Without knowing the salt, an attacker would have to try many more combinations, making their task much harder.
- Iteration Count: Algorithms like bcrypt allow for increasing the number of iterations, meaning the hashing function is applied multiple times. This makes the process slower and more resource-intensive, further deterring brute-force attacks.
- Computational Cost: Algorithms like Argon2 are designed to be computationally expensive, meaning they require significant CPU or GPU power to compute. This makes them less vulnerable to attacks that use specialized hardware like GPUs or ASICs.
Tools for Hash Cracking
Even though password hashes provide a strong level of security, attackers with sufficient resources can still attempt to crack them. There are several tools designed for breaking hashes, the most notable of which are:
- Hashcat: Hashcat is one of the most popular password-cracking tools. It supports various types of hashes, including MD5, SHA-1, and bcrypt. It is known for being able to utilize both CPU and GPU power, making it very fast and versatile for brute-force and dictionary attacks.
- John the Ripper: Another widely-used password cracking tool, John the Ripper specializes in cracking password hashes and can work with a variety of algorithms. It is often used in conjunction with other tools for penetration testing.
Conclusion
Storing passwords as hashes instead of in cleartext is a fundamental aspect of modern cybersecurity practices. Hashing ensures that even if a database is compromised, the passwords themselves remain protected.
Tools like Hashcat and John the Ripper demonstrate the lengths attackers are willing to go to break hashes, but using algorithms like bcrypt and Argon2, along with techniques such as salting and iteration counts, make the process significantly more difficult.
The Facebook cleartext password scandal serves as a stark reminder of the consequences when basic security practices are ignored, underscoring the importance of hashing for safeguarding user data.
