Salt for user passwords

[GoogleCodeExporter]

For me the biggest reason for me that I have to avoid yii-user using, is that 
my app specification stands, that salted passwords store is critical, please 
add salt support for passwords.

Original issue reported on code.google.com by darek....@gmail.com on 2 Mar 2011 at 1:30

[GoogleCodeExporter]

Suggestion: change UserModule.php:

...
    /**
     * @var string
     * @desc hash method (md5,sha1 or algo hash function http://www.php.net/manual/en/function.hash.php)
     */
    public $hash='sha256';

    /**
     * @var integer
     * @desc number of iterations for hash method - should be at least 1000
     */
    public $hashIterations=1000;

    /**
     * @var integer
     * @desc length of hash (should match database field length)
     */
    public $hashLength=128;

    /**
     * @var string
     * @desc salt for hash method
     */
    public $salt='gJM3qmf[{DF,a@Vk-#),';
...
    /**
     * @return hash string.
     */
    public static function encrypting($string="") {
        $hash = Yii::app()->getModule('user')->hash;
        $salt = Yii::app()->getModule('user')->salt;
        $hashIterations = Yii::app()->getModule('user')->hashIterations;
        $hashLength = Yii::app()->getModule('user')->hashLength;
        return self::pbkdf2($string, $salt, $hashIterations, $hashLength, $hash);
    }

    /**
     * PBKDF2 Implementation (described in RFC 2898)
     *
     * @param string $p password
     * @param <type> $s salt
     * @param <type> $c iteraton count (use 1000 or higher)
     * @param <type> $kl derived key length
     * @param <type> $a hash algorithm
     * @return string derived key
     */
    static public function pbkdf2( $p, $s, $c, $kl, $a = 'sha256' ) {

        $hl = strlen(hash($a, null, true)); # Hash length
        $kb = ceil($kl / $hl);              # Key blocks to compute
        $dk = '';                           # Derived key

        # Create key
        for ( $block = 1; $block <= $kb; $block ++ ) {

            # Initial hash for this block
            $ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true);

            # Perform block iterations
            for ( $i = 1; $i < $c; $i ++ )

                # XOR each iterate
                $ib ^= ($h = hash_hmac($a, $h, $p, true));

            $dk .= $ib; # Append iterated block
        }

        # Return derived key of correct length
        return substr($dk, 0, $kl);
    }
...

Additional security might be obtained by changing instances of 
"->encrypting($model->password)" with 
"->encrypting($model->password.$model->username)"

Original comment by hcpsil...@gmail.com on 23 Apr 2011 at 1:03

[GoogleCodeExporter]

any chance of this being included in the next release?

Original comment by openbox...@gmail.com on 19 May 2011 at 7:27

[GoogleCodeExporter]

Perhaps an easier route would be integrating phpass?  I'm days new to Yii, but 
loving it and this module so far, but a salt would be a very welcome addition. 
(http://www.openwall.com/phpass/)

Original comment by Ryan.Gre...@gmail.com on 6 Jun 2011 at 3:00

[GoogleCodeExporter]

phpass is good, but hcpsilver accomplishes the same thing above and is an easy 
patch. 

Only one odd thing... I have to utf8_encode the hash string?

$temp = self::pbkdf2 ($string, $salt, $hashIterations, $hashLength, $hash);
return utf8_encode ($temp);

Otherwise I was receiving the following error: 

General error: 1366 Incorrect string value

Trying to save the password to the db. 

Original comment by lro...@gmail.com on 1 Jul 2011 at 1:41

[GoogleCodeExporter]

Salting the password would be very nice! 

But I don't see the advantage of using PBKDF2 for salting the password. PBKDF2 
is a Key DERIVATION Function which is designed to generate every time the same 
derived encryption key with a custom length from a master password. Like the 
generation of a encryption password from a user password.

I would recommend to use a random salt and store it in the user table with the 
hash.
$salt = uniqid('',true);
and store the salted hashed password as 
hash("sha256",$salt.$password); or 
hash_hmac('sha256', $password, $salt);

using this technique a hash will never have the the same value even if the same 
password is used many times.

Original comment by rol...@pucher.biz on 25 Sep 2011 at 10:37

[GoogleCodeExporter]

Hi,

AFAIK only crypt() using CRYPT_BLOWFISH is considered safe these days. Why? In 
a nutshell, it is *designed* to be slow and as such it pretty much prevents 
rainbow/dictionary attacks. 

PHPass also has integrated salt into the password hash per user/password so no 
need to have a salt column on the table - it does it for you. 

To me, PHPass is the only way to go today. I'm not a 
mathematician/encryption/hashing expert and I wish to avoid inventing the wheel 
or learning the entire subject.

I would soon need to start implement a site and I would like to use yii-user 
but I must have good hashing of password. md5/sha1 is not an options for me.
Therefore - I can integrate PHPAss into yii-user and submit it as a patch. 
Would you consider merging it?

Thanks,
Boaz.

Original comment by boaz.rymland on 27 Feb 2012 at 9:09

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

See forked repo: 
https://github.com/lennartvdd/yii-user/tree/feature/salted_passwords 

Original comment by lennart...@gmail.com on 29 Nov 2012 at 8:59