- From: David Woolley <david@djwhome.demon.co.uk>
- Date: Sat, 16 Nov 2002 21:27:01 +0000 (GMT)
- To: www-html@w3.org
> sends the MD5 password instead of a text/plain password, that it "is passed > in plain text". That's not true, a MD5 hash is passed! Which can be used as though it were a plain text password using a browser trivially modified not to do the MD5 hashing. It is plain text equivalent as far as interception of communication is concerned. Sensible hash based systems for securing passwords in transit use a random challenge that is combined with the password. The disadvantage is that the server then needs to store plain text passwords, because it has to combine them with the random number to do the check. Windows tries to get round that by hashing the password before storing and as the first thing done by the client, but that has a similar problem to the one described here; the Windows password database is plain text equivalent with respect to compromises of the database, so must be strongly protected. Even challenge response systems are vulnerable to dictionary attacks, although they are better than pure MD5 in that you cannot precompute the hashes for the dictionary. Using a good encryption system with long, random, keys, means you have to break the encryption key (effectively a very long, non- dictionary, password) before you can start your attack on the password.
Received on Saturday, 16 November 2002 16:27:36 UTC