Passkeys and the Future of the Password - Part 2
This is the second part in a series of posts where we talk about passwords, their issues, and passkeys, the industry’s solution to those issues. The rest of the posts will be linked here when posted.
Part 2 - Protecting the Password (current)
We saw in Part 1 of the series that humans are not very reliable at creating and remembering secrets secure enough to protect accounts. In Part 2 of the series, we look at the different solutions the security industry has come up with to secure passwords.
Protecting Passwords
When authenticating against any system, the credentials used need to be transmitted. The system itself needs to store the password somewhere so that it can compare the stored password with the one submitted, then grant access if they are the same. This creates two problems:
How to transmit passwords securely
How to store passwords securely
For both problems, the industry uses cryptographic concepts to protect the password.
Hashing Passwords
In cryptography, there are different methods depending on the intended use, all based purely on mathematical operations. For protecting passwords, hashing is used. Hashing takes a string of characters of any length (in this case, a password) and turns it into a fixed-length value called a hash, represented as a binary number or in hexadecimal. The mathematical operations used in hashing were designed such that it is infeasible to turn the hash back into the original text. The hash is then stored and compared when a user tries to log in with their username and password. Rather than storing the actual password, the hash acts as a representation of the password, somewhat like a fingerprint, that can still prove that the password used is the same.
This helps secure the password in the sense that the original password itself is not stored, and therefore is not directly exposed if the stored hash is compromised. Even if the hash gets compromised, it would be difficult to find the original password used to create the hash, so the user’s password and account would still be protected.
Of course, this all works great in theory. In reality, there are a few factors that affect the security of hashed passwords.
First, we need to revisit the human factor. Recall in Part 1 that users tend to use simple passwords, such as “password123”, “1234567”, “hockey”, etc. Hashing itself does not prevent users from using simple passwords. It just makes it more difficult to recover passwords from the hash. However, attackers can still use brute force to attack the system. From the many breaches throughout the decades, attackers have compiled not only a list of common passwords, but also a list of the hashes that correspond to them. So, although it is infeasible to turn a hash by itself back into a password, attackers can take passwords or password lists, hash each entry, and build a database of password-to-hash mappings. The result is called a rainbow table. Once an attacker compromises a system containing hashes, they can compare the stolen hashes against the password-to-hash mappings in the rainbow table to figure out the passwords. This reveals a flaw in hashing passwords: the hash or fingerprint stays the same for each password.
The security industry’s solution to this is salting. A salt is a value that is added to a user’s password before the hash is computed. The hash value is then computed over the combination of the salt and the password. Salting itself doesn’t resolve the uniqueness problem, but generating a unique salt for each user does. When the salt is unique for each user, the resulting hash will be unique, even if the password itself is the same, as the salt provides enough difference for the hash algorithm to produce a different hash value. From an attacker’s perspective, it increases the cost and complexity of their attacks, as the hashes are now all unique and require additional steps and calculations to successfully carry out the attack.
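The difference between one shared salt and a unique salt per user can be seen in the following added example (not code from the original post). It checks whether two users with the same password end up with the same stored hash, and how far a single precomputed table reaches in each setup. The user names, the word list, the shared salt value, and the choice of PBKDF2-HMAC-SHA256 with 100,000 rounds are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Constructed sample data: two accounts that chose the same weak password.
USERS = {"alice": "password123", "bob": "password123"}
WORDLIST = ["1234567", "hockey", "password123"]
ROUNDS = 100_000  # assumed PBKDF2 work factor for this example


def hash_password(password, salt):
    """PBKDF2-HMAC-SHA256 over the password and salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)


def enroll(password, salt=None):
    """Return the (salt, hash) record stored for a user; random salt by default."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hash_password(password, salt)


def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, stored = record
    return hmac.compare_digest(hash_password(password, salt), stored)


def table_hits(db, table_salt):
    """Users whose hash appears in one table precomputed with table_salt."""
    table = {hash_password(p, table_salt): p for p in WORDLIST}
    return {user: table[h] for user, (_, h) in db.items() if h in table}


def demo():
    shared = b"one-salt-for-all"  # constructed site-wide salt (the weak setup)
    shared_db = {u: enroll(p, shared) for u, p in USERS.items()}
    unique_db = {u: enroll(p) for u, p in USERS.items()}
    return {
        "shared_same_hash": shared_db["alice"][1] == shared_db["bob"][1],
        "shared_hits": table_hits(shared_db, shared),
        "unique_same_hash": unique_db["alice"][1] == unique_db["bob"][1],
        # A table built for alice's salt only matches alice's record.
        "unique_hits": table_hits(unique_db, unique_db["alice"][0]),
        "login_ok": verify("password123", unique_db["alice"]),
        "login_bad": verify("hockey", unique_db["alice"]),
    }
```

Calling demo() returns the comparison results: with the shared salt one table matches both accounts, while with per-user salts the table has to be rebuilt for every salt.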
The second issue is more technical. One of the first hashing algorithms invented was MD2, which was eventually updated to MD6. The algorithm takes an arbitrary-length string and turns it into a 128-bit hash value. The older algorithms have a few issues. One is that the algorithm was later determined to be prone to collisions. A collision occurs when two different strings are found to produce the same hash value. This is bad for a hashed password because an attacker no longer needs to figure out the actual password to compromise an account, just a string that produces the same hash. In the cryptographic industry, if a researcher can find a collision in a way other than brute force, then the hashing algorithm is basically considered broken. The other issue with older algorithms is the length of the hash. As technology has rapidly advanced in the last two decades, so has the speed at which hashes can be calculated. With modern hardware, short but complex passwords can be cracked within hours using brute force. See the chart below to get an idea of the time to crack a password vs password complexity and length.
The security industry has moved on to better algorithms that also produce longer hashes, which are more secure. However, brute forcing is only going to get faster as hardware technology advances. Combine this with the human factor, and it is obvious that having users remember passwords is only going to get us so far.
Password Manager
The security industry has advocated for the usage of password managers for some time. As the name suggests, a password manager is a database for all of a user’s passwords. The benefit of a password manager is that the user does not have to remember any password, except for one: the master password. Password managers also offer random generation of a unique password for each system, which can prevent credential stuffing attacks, where the attacker reuses stolen credentials from one system on other systems because users tend to reuse credentials on multiple sites. Since the user does not need to remember these passwords, the passwords can be long and complex, thus making them harder for attackers to crack.
However, the benefit of a password manager is also a cost. One master password can now gain access to all of a user’s passwords. So, the security of the master password is crucial. It doesn’t matter that the passwords inside the password manager are secure if the master password that can gain access to the entire database of passwords is not secure. Another issue of having a single database for passwords is that the attacker only needs to gain access to the password vault in order to gain access to everything. So, attackers will want to target password managers to steal vaults. We saw the breach at LastPass late last year that saw users’ password vaults stolen. For most password managers, the vaults themselves are encrypted, so the attacker wouldn’t be able to read the contents, but if the master password is weak, then the attacker can potentially brute force the password or carry out a dictionary attack. Thus, password managers do increase security, but the human factor is once again the weakness in the system.
Takeaways
Technical measures used to protect passwords, such as hashing, salting, and password managers, do increase the security of passwords in many cases, but the measures are only as good as the human creating the passwords.