scidsg / hushline

Hush Line connects whistleblowers with organizations and people who can help.
https://hushline.app
GNU Affero General Public License v3.0

Use stronger algorithm for hashing passwords #276

Closed brassy-endomorph closed 7 months ago

brassy-endomorph commented 8 months ago

We may want to use scrypt or argon2i so we can control the memory hardness or number of threads to hash a password as a means to increase the difficulty of cracking passwords should the DB ever get leaked.

brassy-endomorph commented 8 months ago

Reopening this because passlib just wraps and uses bcrypt. It gives us a path forward to updating the password hashes and migrating, but it doesn't actually change the underlying hashing function.

glenn-sorrentino commented 8 months ago

Do you have a preference for algorithms? Initial research for Argon2, aside from them winning the 2015 password hashing comp, it's newer tech and uses more memory. Scrypt is faster and stronger against brute force.

glenn-sorrentino commented 8 months ago

I actually noticed that you recommended Argon2i. Is a middle ground 2id?

glenn-sorrentino commented 8 months ago

Working in the hashing branch: https://github.com/scidsg/hushline/blob/hashing/hushline/model.py

brassy-endomorph commented 8 months ago

After our out-of-band conversation, I think we should pause this so that we can figure out what the appropriate level of compute should be, pending threat modeling. If we're not terribly concerned with APT threats, we can use something less complex.

Depends on #265

brassy-endomorph commented 8 months ago

Possible argument against argon2i in favor of yescrypt. https://fedoraproject.org/wiki/Changes/yescrypt_as_default_hashing_method_for_shadow
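
The two ideas raised in this thread, a tunable memory-hard hash and a path for migrating existing hashes, can be sketched with Python's standard-library scrypt. This is an added example, not code from the Hush Line repository or from any participant; the record format, the `POLICY` values and the function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

# Assumed current policy (illustrative values, not Hush Line's settings).
POLICY = {"ln": 14, "r": 8, "p": 1}  # N = 2**14, about 16 MiB per hash


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()


def _derive(password: str, salt: bytes, ln: int, r: int, p: int) -> bytes:
    n = 1 << ln
    # scrypt needs roughly 128 * N * r bytes; raise OpenSSL's cap to fit.
    return hashlib.scrypt(password.encode(), salt=salt, n=n, r=r, p=p,
                          maxmem=256 * n * r, dklen=32)


def hash_password(password: str, params: dict = POLICY) -> str:
    """Return a self-describing record: $scrypt$ln=..,r=..,p=..$salt$hash."""
    salt = os.urandom(16)
    digest = _derive(password, salt, **params)
    cost = ",".join(f"{k}={params[k]}" for k in ("ln", "r", "p"))
    return f"$scrypt${cost}${_b64(salt)}${_b64(digest)}"


def verify(password: str, stored: str) -> tuple[bool, bool]:
    """Return (password_ok, needs_rehash)."""
    _, scheme, cost, salt_b64, hash_b64 = stored.split("$")
    if scheme != "scrypt":
        raise ValueError("unknown scheme")
    params = {k: int(v) for k, v in (kv.split("=") for kv in cost.split(","))}
    digest = _derive(password, base64.b64decode(salt_b64), **params)
    ok = hmac.compare_digest(digest, base64.b64decode(hash_b64))
    # Only flag a rehash after a correct password: that is the one moment
    # the server holds the plaintext needed to compute the stronger hash.
    weaker = any(params[k] < POLICY[k] for k in POLICY)
    return ok, ok and weaker


def login(password: str, stored: str) -> tuple[bool, str]:
    """Verify, and return the record to persist (upgraded if it was weak)."""
    ok, needs_rehash = verify(password, stored)
    return ok, hash_password(password) if needs_rehash else stored
```

Because the cost parameters travel with each record, raising `POLICY` later upgrades accounts gradually as users log in, without a flag day or a forced password reset.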