I'm writing a game which requires users to log in to their accounts in order to be able to play. What's the best way of transmitting passwords from client to server and storing them?
I'm using Python and Twisted, if that's of any relevance.
The best way is to authenticate via SSL/TLS. The best way of storing passwords is to store them hashed with some complex hash like sha1(sha1(password)+salt) with salt.
If you want plug'n'play solution, use py-bcrypt for storing passwords (http://www.mindrot.org/projects/py-bcrypt/) and SSL/TLS to protect them in transit.
Related
I'm writing a CLI using python that pretty much is wrapping around an API for a website. There is authentication for the API, so I need to ask the user for their username and password. I'm not sure how to store these on the system without having them saved in plaintext somewhere. Is there a best practice for something like this?
As an example, a user might call from the command line:
python some_cli.py
And this will prompt them for their username and password if it isn't already saved. I thought about trying to save them with os.putenv or os.environ, but that won't be saved since this process will die and these won't be saved for future processes. The only thing I can think of is to have a file that this information will be saved in and read from.
Use the credentials the user enters to log into the web API that you are wrapping. The API should return a token or a session, just as if you were using it in the browser. Store this token or session somewhere in your CLI program as a variable or store this in a file. This will need to remain as plaintext. Each CLI instance can use this file to make requests to the API when run. You will need to handle expired sessions/tokens too by asking the user for their credentials to re-authenticate.
Generally, passwords are salted and hashed before they are stored on the system's hard disk. It sounds to me as though you're writing a client-side password storage script. Therefore, I would recommend the SHA-2 or bcrypt hashing algorithms to make your passwords unintelligible before storing them. Do not use MD5 or SHA-1 to hash your passwords, as they have known vulnerabilities.
When the user-supplied password and the real password is compared, they are not compared in plaintext. The user-supplied password is first salted, then hashed. The resulting hash is compared with the hash of the "correct" password that is stored on the disk. Using this method, the plaintext password is never stored on the disk. Additionally, since the probability that two hashes will match is extraordinarily low, it is considered a safer practice than storing plaintext passwords (a much, much safer practice because hashes are extremely difficult to reverse even if the attacker knows the hash).
This thread has a couple of interesting implementations of salting and hashing, including a bcrypt implementation. Salt and hash a password in python
A secure password storage tutorial may help you on your journey.
Keep in mind that cryptography has its weaknesses. Rainbow table attacks, timing attacks, and known plaintext attacks are all things that must be understood when switching to cryptographic password storage. That being said, cryptography is a highly respected field known to offer good security.
I'd recommend you join Stack Exchange's Cryptography Forum
I have some APIs (django-rest-framework) which do basic authentication (Base64). On one client box, there is a cron job, which sends requests to APIs.
Now, I hardcoded the base64 encrypted username and password on the disk. I know it is not secure. But how to improve it? Can I use another algorithm instead of base64?
Thanks
UPDATE
Token authentication involves key too. so, we need to store the key somewhere for the cron job. I am trying to solve the problem of hard-coding the key somewhere for the crob job. If the hardcode cannot be avoided, I prefer a stronger encryption algorithm. So, I am thinking about a strong encryption algorithm to encrypt the password and username and storing them somewhere.
Any comments welcomed. Thanks.
I need the user to input their password into my script so that I can then use that password to perform an LDAP operation on their account. It's very simple:
password = getpass.getpass()
ldapconn.simple_bind_s(binddn, password)
Even though the password is never leaving the script and is never displayed in plain text, isn't it still vulnerable to something like a memory dump? What's the best way to secure this password within the script, but still make use of it?
This post is interesting: https://security.stackexchange.com/questions/29019/are-passwords-stored-in-memory-safe
Primarily because the answers confirm my suspicion that passwords stored in RAM are not safe. My question is, how is one supposed to do work that requires that sensitive information be stored in RAM? No one on that post really posts a practical real-world solution, just a lot of a confirmation and details as to why RAM is not safe. Using my short example of an LDAP connection above, what concrete changes could you make to better secure the password variable?
Using my short example of an LDAP connection above, what concrete changes could you make to better secure the password variable?
None. You either:
Need to have the plain text to send to the LDAP API,
In which case you need to have the plain text, which an attacker could get
Or you need encrypted text which you decrypt, which an attacker could get after you decrypt it
Need a password hash to send to the LDAP API
Then the attacker could get the hash and use it. It's effectively a plain password at that point.
The solutions which exist are to have a design which does not involve prompting the user for their password at all, and does not involve sending plain text passwords to other services.
e.g. you have a properly working Kerberos environment with synchronised time, users getting Kerberos tickets at first login, and those tickets being used to authenticate with services without password prompts. Tickets have a limited lifetime and Kerberos replay detection is built in, so that if they are taken from memory they are much less useful than a password.
So the user hits a password prompt once for the entire environment, not once per script they run or service they access, and that password is handled by one centralized, well reviewed, low level OS process.
At work we are doing monitoring system servers. We have passwords that give access to the servers. Kept it all should in the database. We will be held on the basis of encrypted passwords, and must connect to servers using the decrypted passwords.
The problem - where to store the decryption key password? Which is
better to use an encryption method? Do commercial ready \ open
solutions for this?
All this is done on a bunch Python + Django.
No such frameworks had to write everything yourself.
what would be a good way to implement an authentication in python? something that already exists is fine too.
I need it for auth over an untrusted network connection. It doesn't need to be advanced, just enough to get a common password over securely.
i have looked at the ssl module. but that module confuses me like there's no tomorow.
long story short: I want ssl or something similar to work. if someone could explain it to me it'd be great.
it's a client-server system. the client can't be trusted, anyone can 'decompile' python. i do need to handle connections from arbitrary clients. as soon as the secure connection is made i can start doing the actual auth using password checksums and whatnot. i'd rather not send plaintext checksums as that'd be pretty darn easy to spoof.
Obviously HTTPS is a good choice, if you do not need encryption, HMAC can provide a secure authentication alternative, and seems to be supported in python.