Password salting

[ezorita]

Description

Store hashed passwords along with a salt random string to avoid easy plain-text recovery using hash lookup tables.

Subtasks

• [ ] Generate truly random strings of 512 bits.
• [ ] Compute SHA512 of password+salt.
• [ ] Store salt in database.
• [ ] Consider making a new table user_credentials which stores identification-related info.
• [ ] Protect user_credential tables with a specific username (create/edit user routines can rw, the rest can only r).
• [ ] Update functions
  • [ ] validateCredentials
  • [ ] createNewUser

    Acceptance criteria

• [ ] Passes all current tests.
• [ ] Code reviewed by a 3rd person expert in cryptography.

  Dependencies

  None

  References

  https://crackstation.net/hashing-security.htm