Ask HN: Is this the right way to create a login?
Our current model is that we store salted hash passwords where the username is the salt.
When the user opens a login page, the server creates a session and sends a random string along with the login page. On the client side, JS computes the salted hash of entered password (salt = username), then appends the random string as salt and computes hash again. Then sends this hash to us via post.
The server matches received hash against hash of (stored hash+random string that we sent).
So is this method secure? If not, what can we do to improve it?
7 comments
[ 2.0 ms ] story [ 26.0 ms ] threadYou also seem to be reinventing a few wheels here, and I feel there's a "We don't want to buy an SSL certificate" motivating part of it, which is a poor call. Buy the SSL cert. Send the user's input to the server. Compare it against the bcrypted hash. Simple, easy to implement, hard to screw up, resistant against you losing your DB.
As your computing power grows, you can increase the number of rounds.
If you ever replace your login algorithm like Kickstarter did, give your users a few months to log in to upgrade their stored hashed password. Then purge any outdated hashes. Let those users do password resets.
The random string which is part of session is to avoid replay attacks. But i suppose SSL should be taking care of it, right?
Your session management / CSRF token will take care of replay attacks without you having to worry about integrating that into your login page. If your sessions aren't secure against replays they can be replayed after the login anyhow.
Here's all you need to know: http://stackoverflow.com/a/477578