Ask HN: Is Apple not hashing passwords?
After the recent iCloud debacle, I methodically went about setting passwords of everything I care about to use very secure passwords, i.e. very long strings composed of random alphanumeric and non-alphanumeric chars. When it came time to change my AppleID password I noticed forgot.apple.com had max length set to 32 in the password form, after removing with web inspector and submitting I was presented with this http://i.imgur.com/uSlW2.png
When a website imposes a maximum length on passwords what other reasonable conclusions can be drawn other than the passwords are not hashed before being persisted? For example a SHA512 is always 128 chars long regardless of input, so why is there a need to put a limit on the maximum amount of chars in a password? Just set the column length to 128 and be done with it.
16 comments
[ 0.21 ms ] story [ 83.3 ms ] threadThere is a very unlikely security scenario, where the hash of the password actually forms a dictionary word (or combination of dictionary words).
I did say it was very unlikely (astronomically so). And this only mitigates against this if the login form restricts your password to 32 chars.
I'll vote with "inept project manager" or unhashed password. Not sure which worries me more.
I would love to be an optimist, but the internet keeps proving me wrong.
ruby -rdigest/sha2 -e "puts Digest::SHA512.digest('foo').length" = 64
Maybe you didn't quite understand saurik's response. There was nothing asshole about it. S/He conveyed three basic points:
Now, I happen to absolutely agree on points #1 and #2, but disagree with #3.It is not true that passwords longer than the hash output are 'totally useless'. To find an arbitrary input which produces a specific hash requires 2^(bit-1) guesses on average. 'Attacking the hash' is simply not possible for a 256-bit hash. The only possible attack vector is to 'attack the password'. Therefore passwords longer than 32 chars are still useful.
A 12-character truly random password taken from the full character set would take the #2 super-computer on the planet approximately 8000 days to crack in 2011. http://www.youtube.com/watch?v=CKNW5AUo-dM&t=43m50s
Add a couple more characters and you're into 'galactic years' to measure how long it would take. So clearly we don't need anywhere near 32 chars if the alphabet is large and symbols are picked at RANDOM.
But if you want any hope of being able to REMEMBER the password, then a better option may be trying to get equivalent entropy using a long pass-phrase; it could possibly require more than 32 characters to make it long and fun enough to be memorable.
In other words, you're most likely looking at the feature of iForgot that prevents you from selecting a password that one of the other systems isn't prepared to handle, or at least might not have been prepared to handle reliably last time requirements were frozen for a major system-wide upgrade of the (internal) AppleID protocol.