undefined | Better HN

0 pointsjarkhen5y ago0 comments

If the string changes each time, how could they possibly have the matching hashed password stored in the database?

0 comments

fgonzag5y ago

They have the users password hash stored in their db so they can replicate the process server side:

login_token = hash(pwd_hash + nonce)

its nothing too wild, especially considering the age of yahoo mail.

jarkhenOP5y ago

Ah, right, I misread the original description of what they were doing.

As is, then, it really is just making the hashed password the new password. If I can get the hashed password out of the DB, I can load the login page and simply skip the initial hashing step that's done on the frontend. I now have access to the account without ever knowing the original password.

SAI_Peregrinus5y ago

Except that it's easy (indeed, required for security) to change the nonce for each login request, so you can't just replay the hash.

jarkhenOP5y ago

That protects against an attacker reading network traffic. It does not protect against an attacker that has the hashed password from the DB.

The only thing you need in order to authenticate at any given time is the hash of (hashed password + nonce). The latter you get for free, at any time, from the server, so you only need to know the hashed password -- not the password itself. Since the hashed password is directly stored in the DB, if you get your hands on that you can authenticate.

1 more reply

j / k navigate · click thread line to collapse

0 comments

fgonzag5y ago

They have the users password hash stored in their db so they can replicate the process server side:

login_token = hash(pwd_hash + nonce)

its nothing too wild, especially considering the age of yahoo mail.

jarkhenOP5y ago

Ah, right, I misread the original description of what they were doing.

SAI_Peregrinus5y ago

Except that it's easy (indeed, required for security) to change the nonce for each login request, so you can't just replay the hash.

jarkhenOP5y ago

That protects against an attacker reading network traffic. It does not protect against an attacker that has the hashed password from the DB.

1 more reply

j / k navigate · click thread line to collapse