Clever Geek Handbook

Bcrypt hash of both email address and password

I am creating an anonymous site. So basically, a user account cannot be traced back to an actual person (eg via email). Authentication is the part I'd like to think about. If I use an email commit / pass for authentication, can I use bcrypt to hash both the email and the password (I know this is possible, but how practical is it)? I thought that if the email is encrypted then it will be very slow to search db to find a match. Is this true / false? What do you think? Any other ideas? Basically, I am open to any ideas on how to authenticate, but if it is authenticated with email then it cannot be revealed / can be decrypted. Thank!

+3


source to share


2 answers


Once you do something, the original can never be restored.

Let's take a password, for example, usually when a user signs up with an email / password, you get a password (with something like bcrypt) and then store the hash in your database. This is great because if an attacker obtains a copy of the database, there is no way to "decrypt" the hash.

In your situation, you probably DO NOT want to hash the email, because that means you can never send an email to the person I assume you would want to do.



If you choose to go this route, you will simply store two passwords for each user (which is the closest analogy I could think of, sorry!).

Hope it helps!

EDIT . The best way to do this is to create a new account provided with ONLY a password - and then you will automatically create a username for the user. This is what companies like privateinternetaccess.com do - they generate a random username for you - that way you can't reach the user, but they can still log into your application securely.

+1


source


I don't see any problem with your idea (assuming you never want to send email to the user asynchronously).

Login:

  • The user enters a registration form with plaintext email and plaintext (of course you are using good TLS transport encryption).
  • eh = h (email), ph = h (password)
  • retrieves a record from the user's database, where eh == stored_eh
  • compare ph with stored_ph

forgot password: the moment a user submits a forgot password form with his cleartext email address, you have his email. compute eh, lookup profile, generate onetime token, store it in profile and post it to your email address. it can use a token to determine a new password.



change your email procedure: similar to above, you have old / new hadrons with clear text at the time of form submission.

Notes:

  • the db lookup in step 3 is no slower than using the plaintext search key
  • for 2 and 4, use some sane code from a well-maintained library (scrypt, bcrypt, pbkdf2, sha512_crypt, not just a salted hash)
  • If an attacker gets your database and has a list of potential admins via email, he can easily find out if you (some) have them as users and define their custom entry in his db. if this is a problem, perhaps you can use h (email + password), but then there is no way to recover the password.
+1


source






More articles:


All Articles