Login-only password security?

I am working on an admin page in PHP where the user system seems overkill. I was thinking that I only need one password to access the admin page, but I'm not sure how secure it is. I don't see any particular security issues that might arise; can anyone else think of any?

Edit: "user system is full". I meant that there can be no more than one user.

+2




7 replies


To summarize what others have said: OK, so far the password is not easy, but more vulnerable to brute force attacks.

Solution: you can apply a password complexity policy and you can throttle further login attempts - make a mistake once, the next login is artificially slowed down by 4 seconds. Do this again, 8 seconds, etc.



Option: use two fields - username and password, but make the user also a static value such as the password. Twice the guessing, twice the effort, twice the security (and twice the hassle for users...)

Actually, you can use CAPTCHA. This would greatly hinder brute force attacks.

+1


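The progressive delay described in this reply (4 s after the first failure, 8 s after the second, and so on), written out as an added example. This is not code from the question or from any reply, and it is in Python rather than the PHP of the question because the mechanism is language independent; the client identifier, the password hashing parameters and the cap on the delay are assumptions made here. The password check itself uses a slow hash and a constant-time comparison, the two things a single shared password most needs.

```python
import hashlib
import hmac
import time

# Assumed tuning values for this illustration: the PBKDF2 cost is deliberately slow,
# the base delay follows the 4 s / 8 s / 16 s schedule above, and the cap keeps one
# burst of failures from locking the only admin out indefinitely.
PBKDF2_ITERATIONS = 200_000
BASE_DELAY_SECONDS = 4
MAX_DELAY_SECONDS = 3600


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a slow hash so an exposed config file is not an instant password leak."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def delay_after_failures(failures: int) -> int:
    """Exponential backoff: 0 s before any failure, 4 s after one, 8 s after two, ..., capped."""
    if failures <= 0:
        return 0
    return min(BASE_DELAY_SECONDS * 2 ** (failures - 1), MAX_DELAY_SECONDS)


class SingleAdminLogin:
    """One shared admin password with a per-client progressive delay on failures.

    State lives in memory here for the demonstration; a PHP admin page would keep
    the same counters in its session store or a small table.
    """

    def __init__(self, salt: bytes, password_hash: bytes, clock=time.monotonic):
        self._salt = salt
        self._hash = password_hash
        self._clock = clock  # injectable so the schedule can be exercised without sleeping
        self._failures: dict[str, int] = {}
        self._not_before: dict[str, float] = {}

    def attempt(self, client_id: str, password: str) -> tuple[str, float]:
        """Return (status, seconds_to_wait); status is 'ok', 'throttled' or 'denied'."""
        now = self._clock()
        wait = self._not_before.get(client_id, 0.0) - now
        if wait > 0:
            # Refuse without checking the password: the guess costs wall-clock time
            # and the caller learns nothing about whether it was right.
            return "throttled", wait
        candidate = hash_password(password, self._salt)
        if hmac.compare_digest(candidate, self._hash):
            self._failures.pop(client_id, None)
            self._not_before.pop(client_id, None)
            return "ok", 0.0
        failures = self._failures.get(client_id, 0) + 1
        self._failures[client_id] = failures
        delay = delay_after_failures(failures)
        self._not_before[client_id] = now + delay
        return "denied", float(delay)


def demo() -> list[tuple[str, float]]:
    """Replay a constructed sequence of attempts against a fake clock."""
    clock = {"t": 1000.0}
    salt = b"constructed-fixed-salt"  # constructed for the demo; real code uses os.urandom(16)
    login = SingleAdminLogin(
        salt, hash_password("correct horse battery staple", salt), clock=lambda: clock["t"]
    )
    script = [  # (seconds elapsed since the previous attempt, password tried)
        (0, "letmein"),                        # wrong: 4 s penalty
        (1, "admin123"),                       # inside the window: refused unchecked
        (4, "admin123"),                       # window over, wrong again: 8 s penalty
        (8, "correct horse battery staple"),   # the real admin, after the wait
    ]
    results = []
    for elapsed, guess in script:
        clock["t"] += elapsed
        results.append(login.attempt("203.0.113.7", guess))
    return results


if __name__ == "__main__":
    for status, wait in demo():
        print(f"{status:9s} wait={wait:.0f}s")
```

Keying the counter on the client address is the simplest choice, but it is also the weakest: a guesser who can change addresses gets a fresh counter each time, which is why the other replies pair throttling with a CAPTCHA or a global limit, and why the cap exists so that a flood of failures cannot permanently deny the one legitimate admin.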


Password complexity aside, there are two problems:

  • Passwords must now be unique

If you have a user + password, users can have the same password. They should all be unique under your model.

  • Limited traceability

A good reason for user accounts is to find out who is doing what. You remove this, a bit, with a shared password, as you have to assume, again, a one-to-one match between them and the users. This may or may not be a problem.

For some of my admin pages, I don't really have a "user" as I have two tokens to enter (because I am the only admin).

For regular human subscribers, and if the password is entered by them, this is not an appropriate plan. If it's only for your admin pages for you, and you create passwords of the appropriate complexity, life is good.

+6




It suffers from the same issues as a generic login, making it impossible for a specific user to be invalidated (if someone leaves, the user's computer is compromised, etc.), as well as the issue of more open access to brute force attacks (as mentioned by others). In the meantime, there is no need to know about it.

Something simple that doesn't seem to need a full user / pass system, why not use the HTTP Auth built into the server? Easy to configure, does not require sharing, but does not require additional code in the admin script.

+2




No problem if your admins don't use simple passwords like 1234567.

+1




I believe that having a single password makes the system more secure (at least) if both passwords and the system are protected.

The reason is that when you have multiple users, one of them with the wrong password requires a "weak link in the chain"

However, nothing wrong with this happens as long as there are important security measures in place - and keep in mind that brute forcing is easier (so make sure it's impossible / ineffective).

+1




I would have thought that for your admin page (one might think the most secure page) that you need very tight security?

If your "admin" user has a "hard to find" username and is paired with a very strong password, I think it would be a better system.

Ideally, I think you would like to have a complex username and password:

e.g.

Username: e4t_Gjw3@gp
Password: q!-gr7cBFL045$bd


Update: Based on the comments I thought I would cover why user + pass is more secure than the "e4t_Gjw3@gpq!-gr7cBFL045$bd" pass.

Both username and password don't double the security, it does a lot more.

Imagine usernames and passwords are both 3 characters (from A-Z) and case insensitive.

To guess the password using brute force, you need up to: 26x26x26 = 17,576 tries.

Only guess the username, the same conditions: 26x26x26 = 17,576 attempts.

If you had to guess both, but they weren't supposed to match, that would be 17,576 x 2 = 35,152.

However, if you need to guess the username and find the matching password, it looks more like:

17,576 usernames * 17,576 passwords = 308,915,776

Of course, if you have up to 16 character names (considering case sensitivity, numbers, punctuation, etc.) and the same for passwords, the number of possibilities is insanely huge and therefore ... safe.

Update 2: I seem to be missing the key bit of the information I was trying to convey in my update. On most systems I've seen or created, the username and password fields have a size limit built into SQL columns of 32, or 40 or X characters. In the ones I've seen where there is only a pass column, the size usually doesn't double up to 64 or 80 characters.

Obviously, the pass-only column and setpoint could be doubled in length to account for the lack of a username, but I've rarely, if ever, seen it.

0


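The counting argument in this reply (17,576 guesses for one field, 35,152 when the two fields can be confirmed separately, 308,915,776 when only the pair can be confirmed), carried through as an added example that is not from the reply or from the question. It generalizes the reply's 3-letter case to any alphabet and length, and also shows what the throttling proposed in the first reply does to the same numbers: the formulas for the fixed-delay and doubling-delay cases are worked out here and are not something the replies state.

```python
from math import log2


def search_space(alphabet_size: int, length: int) -> int:
    """Number of distinct strings of exactly `length` symbols over the alphabet."""
    return alphabet_size ** length


def independent_guess_cost(alphabet_size: int, length: int) -> int:
    """Worst case when username and password can each be confirmed on their own:
    exhaust one field, then the other (the reply's 35,152 figure)."""
    return 2 * search_space(alphabet_size, length)


def paired_guess_cost(alphabet_size: int, length: int) -> int:
    """Worst case when only the (username, password) pair is confirmed: the product
    (the reply's 308,915,776 figure), i.e. one secret of twice the length."""
    return search_space(alphabet_size, length) ** 2


def seconds_to_exhaust_fixed_delay(attempts: int, delay_seconds: float) -> float:
    """Online guessing against a constant per-failure delay."""
    return attempts * delay_seconds


def seconds_to_exhaust_doubling_delay(attempts: int, base_seconds: int) -> int:
    """Online guessing against the 4, 8, 16 ... schedule from the first reply:
    the total wait endured before the n-th guess is base * (2^(n-1) - 1).
    Python's big integers make the astronomical result exact."""
    return base_seconds * (2 ** (attempts - 1) - 1)


def summary() -> dict:
    """The reply's 3-letter, 26-symbol case next to a 16-character, 95-symbol one."""
    small = (26, 3)
    single = search_space(*small)
    return {
        "single_field": single,
        "two_fields_independent": independent_guess_cost(*small),
        "two_fields_paired": paired_guess_cost(*small),
        "bits_paired": log2(paired_guess_cost(*small)),
        # Exhausting the single 3-letter field at 4 s per failure takes under a day ...
        "hours_single_field_4s_fixed": seconds_to_exhaust_fixed_delay(single, 4) / 3600,
        # ... but under the doubling schedule the wait is a number of about 2^17577 seconds.
        "log2_seconds_single_field_doubling": seconds_to_exhaust_doubling_delay(single, 4).bit_length(),
        "bits_16_chars_95_symbols": log2(search_space(95, 16)),
    }


if __name__ == "__main__":
    for name, value in summary().items():
        print(f"{name:36s} {value}")
```

Two things the numbers make visible: a second field only multiplies the search space when the attacker cannot confirm the username on its own (an error message that distinguishes "unknown user" from "wrong password" collapses it back to the additive case), and even a modest per-failure delay changes the online picture more than the extra field does, provided the counter cannot be reset by switching client addresses.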


As Jake said, there are many reasons not to do this, but it depends on what your application is doing. You need to do enough to distract amateur hackers. Make sure the admin is using a strong password - 10 digits, at least one capital and one character or something.

Most security experts will frown anyway.

0



