On Monday, January 14, 2013 11:16:56 PM UTC+1, Ryan Schipper wrote:

> That said, why does the password (in particular) need to be tracked? I can think of a very good reason not to track it: mistyped passwords. Consider how many times you mistype your password. If a computer system were to track my mistyped passwords, the database containing those would become a treasure trove for internal fraudsters.

The problem is that, as a user, we have no idea what goes on on the server side of a secure connection we POST credentials to. We have to entirely trust the developers behind any given service, which can be hard to do at times.
If HTTP included a mechanism to automatically hash the password (one can hand-code this today, but it's not common and it's not visible to the user of a service), this whole issue of password logging and theft would go away. The mechanism should probably include an optional salt, so that even attacks using rainbow tables on stolen log files would be useless. This would naturally require a second hash+salt on the server side, so different representations of the password exist in 3 different realms: client/browser (password), transport/http (hash(password+SALT)) and server/database (hash(hash(password+SALT))+SALT).

--
You received this message because you are subscribed to the Google Groups "Java Posse" group. To view this discussion on the web visit https://groups.google.com/d/msg/javaposse/-/gZ2EFI3h9egJ. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
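The three realms described in the message, worked through as an added example (not code from the thread or from any HTTP implementation): the client hashes the password with a transport salt before it is sent, and the server hashes that received value again with its own salt before storing it. SHA-256 stands in for whatever hash such a mechanism would specify, and the fixed salts in the test are constructed values.

```python
import hashlib
import hmac
import secrets


def client_transport_hash(password: str, transport_salt: bytes) -> bytes:
    # Realm 2 (transport/http): the value the browser would POST instead of the raw password,
    # i.e. hash(password+SALT) in the message's notation. SHA-256 is a stand-in hash.
    return hashlib.sha256(password.encode("utf-8") + transport_salt).digest()


def server_stored_hash(transport_hash: bytes, server_salt: bytes) -> bytes:
    # Realm 3 (server/database): the server re-hashes what it received with a second,
    # server-only salt, i.e. hash(hash(password+SALT)+SALT).
    return hashlib.sha256(transport_hash + server_salt).digest()


def enroll(password: str, transport_salt: bytes = b"", server_salt: bytes = b"") -> dict:
    # Registration. Random salts are generated unless fixed ones are supplied (for tests).
    transport_salt = transport_salt or secrets.token_bytes(16)
    server_salt = server_salt or secrets.token_bytes(16)
    transport_hash = client_transport_hash(password, transport_salt)
    return {
        "transport_salt": transport_salt,  # handed to the client so it can recompute realm 2
        "server_salt": server_salt,        # never leaves the server
        "stored": server_stored_hash(transport_hash, server_salt),  # realm 3, the only thing persisted
    }


def verify(record: dict, transport_hash: bytes) -> bool:
    # Login as seen by the server: it only ever receives the transport hash, never the password,
    # so a request log can contain nothing more than that hash.
    candidate = server_stored_hash(transport_hash, record["server_salt"])
    return hmac.compare_digest(candidate, record["stored"])


def login(record: dict, password: str) -> bool:
    # Full round trip as the browser would do it: hash with the user's transport salt, then POST.
    return verify(record, client_transport_hash(password, record["transport_salt"]))
```

Because the server checks only the transport hash, that hash is the credential the server-side verifier must protect; the password itself never reaches it.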
