0

There is a technique called password hashing that describes creating unique passwords based on a unique master key and a static and arbitrary hash value.

Using this technique, the user only has to remember the master key to have a unique password for every site/application.

There are many free programs, sites, and browser extensions that implement this system. A very simple example is this one.

This technique appears useful, but there is a common case that it does not seem to handle well. That case is when the user has to change the password for a site (due to a reported security breach or a forced change due to time duration). Once the user change that password, it will no conform to the hash system.

The only solution I can think of is for users to change the master key in order to generate a new password, but then all their other passwords will not work with that new master key. So now they have to remember which sites use which master key, which is almost as bad as having them remember different passwords.

Does anyone have a solution for handling this common case?

2 Answers2

1

Just to be clear, there is something else called password hashing that is completely different to what you describe, so that is a terminology collision, which is unfortunate.

To handle "exceptions", you must have some storage. One method could be to store (e.g. in a local file) a map from server name to some string, e.g. an integer. The scheme would be:

  • The local file contains lines. Each line contains an application name (e.g. the name of a Web site) and an integer.
  • If an application name does not appear in the file, then the password for that application will be a hash computer over the concatenation (in some way) of the master password and the application name.
  • If the application name appears in the file, then the integer value is appended to the master password in the hash input.

That way, the size of the local file is proportional to the number of exceptions.


There is of course ample room for botching things here. Notably, each generated password may be used as a test for an offline dictionary attack on the master password. So the master password must be stronge (that is, stronger than is usually necessary for passwords).

Tom Leek
  • 170,038
  • 29
  • 342
  • 480
1

This is similar in functionality to using an algorithm to generate password information. Since you provided an example site: http://hash.tknetwork.de/, we can describe how you might generate a new password when you are required to change it.

  • You can add an integer, date, or other value to the 'parameter' to iterate it
  • You can have multiple master keys (semi-defeating)
  • You can hash the password iteratively using the previous hash as a 'parameter' to the next hash iteration and leaving your master key intact.

You need to record the site names and integer, date, what have you, or the iterations of hashes, or both. Since those are the only two inputs, you have to alter one or the other when generating a new password for the same site. The iterative hashing idea is probably the best, since the attacker should never know the key, and you just have to hash multiple times as needed.

Easy enough.

Desthro
  • 1,007
  • 5
  • 5