1

I just registered on a site where I had to specify sensitive information, eg. my card number. I got a confirmation mail where my password, the one I specified as my login password, was in plain text. I learned that password should NEVER be in plain text. If they can, that means that my sensitive information are stored in plain text too.

I contacted their support and they claim that they are using the encryption method SHA-256 for the passwords. Is it safe? Is it still possible to send plain text password even after encryption?

Gulbanan
  • 11
  • 2
  • 1
    Possible duplicate of [How to securely hash passwords?](http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords) – Deer Hunter Feb 06 '16 at 21:02
  • 7
    SHA-256 isn't encryption. They do it wrong. Run for your life if you can, if you cannot, contact your bank. – Deer Hunter Feb 06 '16 at 21:03
  • To clarify, SHA-256 is a hashing algorithm, not an encryption algorithm. It is still considered secure for hashing passwords, however if your password is being sent to you in plaintext then they clearly have your plaintext password on disk somewhere. Which is terrible. – cremefraiche Feb 06 '16 at 22:20
  • Email is insecure so whether they hash or not, they've exposed your password just by emailing it. Tell them they're losers. – Neil Smithline Feb 07 '16 at 00:32
  • @DeerHunter - I disagree with the duplicate suggestion. This question is about emailing a user entered password, not necessarily about password storage (though the link is relevant to the discussion). – TTT Feb 07 '16 at 02:52
  • 1
    Please report them to [Plain Text Offenders](http://plaintextoffenders.com/). – Tom Zych Feb 07 '16 at 10:09
  • @MarkBuffalo - I don't think we should assume the site in question is a bank. – TTT Feb 07 '16 at 14:10
  • 1
    @cremefraiche - I would note that SHA-256 by itself is not at all considered secure for hashing passwords, any more than any single iteration method is (hint: none are). SHA-256 can be fine in PBKDF2-HMAC-SHA-256 with a high number of iterations, but by itself it's too slow. – Anti-weakpasswords Feb 07 '16 at 23:06
  • @Anti-weakpasswords You are absolutely right. I was not complete in my comment. – cremefraiche Feb 07 '16 at 23:21

2 Answers2

1

First, if you're worried, contact your bank and request a new card number, right now. Then change every password you use that's the same as, or similar to, what you sent them, on every site everywhere. Then terminate your account with them.

Second, the SHA family is a set of hash algorithms.

Third, they're lying, by omission if nothing else. If they truly did use any form of SHA-256 on your password, then they cannot send it to you in (probably unencrypted) email

  • Unless they ran an offline cracker themselves, AND your password was P@$$w0rd, Jennifer2007, 12345, or something similar. Without a weak password, SHA-256 will take a bit.

Fourth, unless they're using PBKDF2-HMAC-SHA-256 with a high iteration count (i.e. slow down offline attackers), then they're STILL doing it wrong if they're using SHA-256.

Fifth, either they're storing passwords in plain text, or they really are using encryption (instead of hashing), which is What got Adobe in trouble in 2013, and is wrong.

You are correct, they SHOULD NOT be able to retrieve your plaintext password from their storage.

Also, they shouldn't send it out over potentially unsecure email even if they are storing it. Double stupidity for the loss!

Anti-weakpasswords
  • 9,850
  • 2
  • 24
  • 52
  • 2
    Well, the program could email it to you before it hashes it. (Still don't trust them though.) – PyRulez Feb 06 '16 at 22:15
  • @PyRulez If they really are hashing, then no, it couldn't. The password should have been hashed from the moment it was created and there should _never_ be plaintext of it on the server. – cremefraiche Feb 06 '16 at 22:28
  • @cremefraiche It could have emailed it client side, potentially (I think that would either be insecure or difficult though). – PyRulez Feb 06 '16 at 22:34
  • @PyRulez I don't know what you mean by that. At what point in your mind is there ever cleartext of password on a server that utilizes password hashing? – cremefraiche Feb 06 '16 at 22:40
  • 3
    If the email is generated and sent instantly upon registration, then in theory it is still possible that the plaintext is never saved to disk. If they aren't lying about using SHA256, then I would assume they first send the email, then hash the password, and finally save the hash. (Not that it would be any better of course, since the plaintext is now saved on a multitude of mail servers out of the website's control, but the possibility is worth noting.) – tlng05 Feb 06 '16 at 22:58
1

Just to clarify, SHA256 is a one way hash, not encryption. Once it is hashed, it cannot be recovered.

You are correct to be concerned that a password you created (not auto-generated by the site) was emailed to you. That being said, I disagree with your statement:

"If they can, that means that my sensitive information are stored in plain text too."

Just because they do one thing wrong, doesn't mean they are doing other things wrong too. Similarly, just because another site does password storage correctly, doesn't mean they aren't making other mistakes. In other words, you can never truly trust any site unless you know exactly how it works behind the scenes.

Really the only thing you know for sure, is that they are emailing you the password you created when you registered. That is bad practice, but it doesn't necessarily mean anything more than that. It's entirely possible that they are sending the email at the moment you register, then hashing your password with SHA256 as they claim, and perhaps using proper methods of storage for payment information too (or not storing payment information at all on their servers).

The first thing I recommend would be to change your password on that site. It's possible that the email you received containing your password only happens when you first register. They might not send you an email every time you change your password, and if not, and if you believe they are truthful that they are hashing your password, then you're probably fine from then on.

As an extra precaution, if the password you initially used is also used by accounts you have on other websites, then I would recommend changing those as well. (This is why it is good practice to use a different password on every site you use.)

Edit: as a side note, I would recommend you contact the site and let them know you are concerned about them emailing you the password you entered. Perhaps even link them directly to this question as a good reference. Let's hope you can get them to change their process.

TTT
  • 9,132
  • 4
  • 19
  • 32