Preface

When we develop websites or apps, one of the first problems to solve is "how to securely transfer and store user passwords". User database leaks at large companies also happen from time to time and have a very big negative impact. Knowing how to safely transfer and store user passwords is therefore a basic skill every programmer needs. This article looks at how to safely transfer and store user passwords.


Public account: “The little boy picking up snails” (discuss password transfer and storage problems together)

1. How can I securely transmit user passwords?

The obvious first step is to use the HTTPS protocol so that users’ passwords do not travel across the Internet in plaintext.

1.1 The HTTPS protocol


  • Three major risks of HTTP

Why use the HTTPS protocol? What is wrong with HTTP? HTTP transmits information in plaintext, so using it on the open network carries three major risks:

  • Eavesdropping/sniffing risk: Third parties may intercept communications data.
  • Data tampering risk: After obtaining communication data, a third party may maliciously modify it.
  • Identity forgery risk: Third parties may impersonate the identity of others to participate in communications.

Transmitting unimportant information is fine, but transmitting sensitive information like user passwords is a big deal. Therefore, the HTTPS protocol is used to transfer user passwords.

  • HTTPS principle

How does HTTPS work? Why does it address the three major risks of HTTP?

HTTPS = HTTP + SSL/TLS. SSL/TLS is a transport layer encryption protocol that provides content encryption, identity authentication, and data integrity verification to resolve data transmission security issues.

To understand how HTTPS works, let’s review “a complete HTTPS request flow”:


    1. The client initiates an HTTPS request.
    2. The server must have a digital certificate, which can be self-made or applied for from an authority. This set of certificates is essentially a pair of public and private keys.
    3. The server sends its digital certificate (including the public key and the certificate authority) to the client.
    4. After receiving the digital certificate from the server, the client verifies its validity, such as the issuing authority and expiration time. If the check fails, a warning dialog box is displayed. If the certificate is fine, the client generates a key (the key of the symmetric encryption algorithm, which is actually a random value) and encrypts that random value with the certificate’s public key.
    5. The client makes a second request in HTTPS, sending the encrypted client key (random value) to the server.
    6. After receiving the key from the client, the server decrypts it asymmetrically with its own private key. The server now has the client key and uses it to symmetrically encrypt the data it returns, so the data becomes ciphertext.
    7. The server returns the encrypted ciphertext to the client.
    8. After receiving the ciphertext returned by the server, the client uses its own key (the client key) to symmetrically decrypt the ciphertext and obtain the data returned by the server.

  • Is HTTPS secure?

HTTPS data is transmitted as ciphertext. So is it secure to transmit password information over HTTPS? In fact, “no” (not absolutely):

  • HTTPS is based entirely on trusted certificates. If a man in the middle forges the certificate and the client accepts it, the security is gone. Phishing and other shady websites often try to induce the user to install the attacker's counterfeit certificate.
  • By forging certificates, HTTPS traffic can also be captured.

1.2 Symmetric Encryption Algorithm

Since transferring the user password over HTTPS alone is still “not secure”, we additionally encrypt the user password before transferring it.

There are two types of encryption algorithms: symmetric encryption and asymmetric encryption. Which type is the “sound” choice?

Symmetric encryption: an encryption algorithm that uses the same key for encryption and decryption.

Commonly used symmetric encryption algorithms are mainly the following:

If a symmetric encryption algorithm is used, you have to consider “how to give the key to the other party”. If the key is sent to the other party over the network and a man in the middle obtains it in transit, that is also a risk.

1.3 Asymmetric encryption Algorithm

What about asymmetric encryption?

Asymmetric encryption: asymmetric encryption algorithms require two keys (a public key and a private key), which exist as a pair. If data is encrypted with the public key, only the corresponding private key can decrypt it.


Commonly used asymmetric encryption algorithms mainly include the following:

If an asymmetric encryption algorithm is used, you also have to consider “how to transfer the key to the other party”. If the public key is sent to the other party over the network and a man in the middle intercepts it in transit, what is the problem? “Can they fake the public key, give the fake public key to the client, and then use their own private key to decrypt the data the client encrypts with it?” This is worth thinking about.

Let's log in to Baidu, capture the interface requests, and see how a big company handles encryption. You can find that there is an interface for obtaining public keys, as follows:


The login interface uses RSA, which is an asymmetric encryption algorithm. In fact, Baidu's front end uses the JavaScript library “jsencrypt”, which has quite a lot of stars on GitHub.


Therefore, we can use “HTTPS + asymmetric encryption algorithm (such as RSA)” to transfer user passwords.
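
The following is an added example, not code from the original article or from Baidu: it sketches the RSA step with a server-issued one-time random factor (the "random factors" mentioned in the summary), so that a captured ciphertext cannot be replayed. All class and method names are hypothetical, only the JDK is used, and OAEP padding is chosen here for the example.

```java
import javax.crypto.Cipher;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration: every name in this class is hypothetical.
public class PasswordTransportDemo {
    static final String RSA_OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final SecureRandom RNG = new SecureRandom();
    // Random factors the server has issued and not yet seen used.
    static final Set<String> outstanding = ConcurrentHashMap.newKeySet();

    // Server: hand out a single-use random factor along with the public key.
    static String issueNonce() {
        byte[] n = new byte[16];
        RNG.nextBytes(n);
        String nonce = Base64.getEncoder().encodeToString(n); // never contains ':'
        outstanding.add(nonce);
        return nonce;
    }

    // Client: encrypt "nonce:password" under the server's public key.
    static byte[] clientEncrypt(PublicKey pub, String nonce, String password) throws Exception {
        Cipher c = Cipher.getInstance(RSA_OAEP);
        c.init(Cipher.ENCRYPT_MODE, pub);
        return c.doFinal((nonce + ":" + password).getBytes(StandardCharsets.UTF_8));
    }

    // Server: decrypt, then accept only if the nonce is still outstanding.
    static Optional<String> serverDecrypt(PrivateKey priv, byte[] ct) throws Exception {
        Cipher c = Cipher.getInstance(RSA_OAEP);
        c.init(Cipher.DECRYPT_MODE, priv);
        String[] parts = new String(c.doFinal(ct), StandardCharsets.UTF_8).split(":", 2);
        // remove() succeeds once only, so a replayed ciphertext is rejected.
        if (parts.length != 2 || !outstanding.remove(parts[0])) return Optional.empty();
        return Optional.of(parts[1]);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair();
        // Constructed sample password, same value as the article's MD5 example.
        byte[] ct = clientEncrypt(kp.getPublic(), issueNonce(), "abc123456");
        System.out.println("first use accepted: " + serverDecrypt(kp.getPrivate(), ct).isPresent());
        System.out.println("replay accepted:    " + serverDecrypt(kp.getPrivate(), ct).isPresent());
    }
}
```

The random factor only stops replay of a captured ciphertext; the public key still has to reach the client over a channel it has authenticated (HTTPS), which is the forged-public-key question raised above.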

2. How to store your password securely?

Assuming the password has reached the server safely, how do you store it? Do not store passwords in clear text in the database! Instead, process the password with a hash digest algorithm and save the result to the database.

Hash digest algorithm: a hash value can be generated from the plaintext, but the plaintext cannot be derived back from the hash value.

2.1 MD5 digest algorithm protects your password

MD5 is a classic hash digest algorithm, widely used for data integrity checks, data (message) digests, data encryption and so on. However, digesting the password with MD5 alone is not secure. Let’s look at an example:

import org.apache.commons.codec.digest.DigestUtils; // Apache Commons Codec

public class MD5Test {

    public static void main(String[] args) {
        String password = "abc123456";
        // Unsalted MD5: the same password always produces the same hash.
        System.out.println(DigestUtils.md5Hex(password));
    }
}


Running results:

0659c7992e268962384eb17fafe88364

If you enter this hash into an MD5 lookup service, you can see the original password.


Imagine that a hacker builds a huge database, calculates the MD5 hash of every alphanumeric password up to 20 characters long, and stores the passwords and their corresponding hashes in it (the “rainbow table”). Cracking a password is then just a lookup in the rainbow table. So storing passwords hashed with MD5 only is not secure.

2.2 The MD5 + salt digest algorithm protects user passwords

So why not try MD5 + salt? What is “salting”?

In cryptography, salting is the practice of inserting a specific string at a fixed position in a password so that the hash result does not match the hash result of the original password.

The user password plus the salt is hashed, and the result is saved to the database. This effectively counters rainbow table cracking. However, when using salt, pay attention to the following points:

  • Don’t hard-code the salt in the code, and the salt should have a certain length (if the salt is hard-coded and too simple, hackers may register several accounts and reverse-engineer it).
  • Each password should have its own salt, and the salt should be long, say more than 20 characters. (If the salt is too short and the original password is also short, it is easy to crack.)
  • The salt should preferably be random and globally unique, so that no ready-made rainbow table for it exists anywhere in the world.
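
The three points above, as an added example that is not part of the original article: a fresh random salt per password, stored beside the hash and reused at login. The class name, method names and the `salt$hash` record format are hypothetical, and only the JDK is used.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Added illustration; class name, method names and record format are hypothetical.
public class SaltedHashDemo {
    static final SecureRandom RNG = new SecureRandom();

    // MD5(salt || password), matching the MD5 + salt scheme of this section.
    static byte[] digest(byte[] salt, String password) throws Exception {
        MessageDigest md = MessageDigest.getInstance("MD5");
        md.update(salt);
        return md.digest(password.getBytes(StandardCharsets.UTF_8));
    }

    // Registration: fresh random salt per password, stored next to the hash.
    static String hashForStorage(String password) throws Exception {
        byte[] salt = new byte[24];   // longer than 20 bytes, never hard-coded
        RNG.nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();   // output never contains '$'
        return b64.encodeToString(salt) + "$" + b64.encodeToString(digest(salt, password));
    }

    // Login: re-hash the candidate with the stored salt, compare in constant time.
    static boolean verify(String candidate, String stored) throws Exception {
        String[] parts = stored.split("\\$", 2);
        if (parts.length != 2) return false;
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        return MessageDigest.isEqual(expected, digest(salt, candidate));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: two users who chose the same password.
        String alice = hashForStorage("abc123456");
        String bob = hashForStorage("abc123456");
        System.out.println("alice: " + alice);
        System.out.println("bob:   " + bob);
        System.out.println("records differ: " + !alice.equals(bob));
        System.out.println("correct login:  " + verify("abc123456", alice));
        System.out.println("wrong password: " + verify("abc1234567", alice));
    }
}
```

Salting defeats precomputed tables, but a single MD5 round is still fast to brute-force, which is the problem section 2.3 takes up.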

2.3 Bcrypt, a tool for improving the security of password storage

Even with salt, passwords can still be brute-forced. So we can adopt “slower” algorithms that make it more expensive for hackers to break passwords, or even force them to give up. This is where Bcrypt, a powerful tool for improving password storage security, comes in.

In fact, Spring Security has deprecated MessageDigestPasswordEncoder and recommends BCryptPasswordEncoder, that is, BCrypt, for password hashing. BCrypt is an algorithm designed for storing passwords and is much slower than MD5.

Here’s an example:

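import org.apache.commons.codec.digest.DigestUtils;
// Assumption: Spring Security's BCrypt class; jBCrypt's org.mindrot.jbcrypt.BCrypt offers the same two methods.
import org.springframework.security.crypto.bcrypt.BCrypt;

public class BCryptTest {

    public static void main(String[] args) {
        String password = "123456";

        // Time a single MD5 digest (one cold run, so only a rough figure).
        long md5Begin = System.currentTimeMillis();
        DigestUtils.md5Hex(password);
        long md5End = System.currentTimeMillis();
        System.out.println("md5 time:" + (md5End - md5Begin));

        // Time a single bcrypt hash with cost factor 10.
        long bcryptBegin = System.currentTimeMillis();
        BCrypt.hashpw(password, BCrypt.gensalt(10));
        long bcryptEnd = System.currentTimeMillis();
        System.out.println("bcrypt Time:" + (bcryptEnd - bcryptBegin));
    }
}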


Running results:

md5 time:47

bcrypt Time:1597

A rough comparison shows that BCrypt is dozens of times slower than MD5, so hackers need to spend dozens of times more effort on brute-force cracking. Therefore, it is recommended to use Bcrypt to store user passwords.

3. Summary

  • HTTPS and asymmetric encryption algorithms (such as RSA) are generally used to transfer user passwords. For added security, you can construct random factors in the front end.
  • Use BCrypt + salt to store user passwords.
  • To prevent brute-force cracking, enable SMS-based authentication, graphic verification codes, and account locking.

  • GitHub address: https://github.com/whx123/JavaHome