Password Hashing Explainer
Heya,
Passwords are still prevalent, even though billions of accounts have been owned. Why? Because passwords are still supported by almost every application framework, are free with no special hardware requirements, and are known to users (even if they are disliked). If you work with CIAM systems you should understand the best way to secure passwords.
I found this blog post from a decade ago a really good explanation of why you must hash passwords. You may say “are we really still having this conversation” but I bet that at least some website you have an account on still stores encrypted passwords, or worse yet plaintext.
One of the main threats is an attacker getting access to your database, then impacting your users by being able to get credential information (login identifiers such as email addresses as well as secrets like passwords). Even though everyone should use a long, random, unique password for each site, many users do not do this. Why? Because long unique passwords are either created and managed with a password manager (additional complexity) or need to be remembered (additional complexity).
From the blog post:
Hashing passwords is to prevent this from happening: when the attacker gets his hands on your database, you want to make it as painful as possible to retrieve those passwords using a brute-force attack. Hashing passwords will not make your site any more secure, but it will perform damage containment in the event of a breach.
The post talks about what you want from a password hashing algorithm, which has the relatively unusual requirement of being fast enough when executed once (a normal user logging in) but slow when executed many times (an attacker guessing at scale, such as in a credential stuffing attack). The post also breaks down other terms, such as hashing, salt and pepper.
However, I'd be hesitant to take the algorithm recommendations without further research. The author recommends avoiding MD5 (which is still good advice) and recommends bcrypt and scrypt, but a decade is a long time in the security space. After all, that's approximately the elapsed time between needing an extension to let users know about the HTTPS state of common websites and that extension being deprecated.
For algorithms, NIST publishes guidelines every few years. From the 2023 guidelines:
Examples of suitable key derivation functions include Password-based Key Derivation Function 2 (PBKDF2) and Balloon.
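To make the terms above concrete (per-password salt, an optional server-side pepper, a deliberately slow key derivation function, and constant-time comparison), here is an added example in Python using PBKDF2-HMAC-SHA256 from the standard library. It is not code from the original post or from NIST; the iteration count, salt length, record format (`pbkdf2-sha256$iterations$salt$hash`) and the `needs_rehash` policy check are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import os

# Illustrative policy values (assumptions, not from the post or from NIST).
ALGORITHM = "pbkdf2-sha256"
ITERATIONS = 600_000   # cost parameter: raise over time as hardware gets faster
SALT_BYTES = 16        # random per-password salt, stored alongside the hash
DKLEN = 32             # derived key length in bytes


def b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def unb64(text: str) -> bytes:
    return base64.b64decode(text)


def derive(password: str, salt: bytes, iterations: int, pepper: bytes = b"") -> bytes:
    """Run the slow KDF. A pepper (a secret kept outside the database, e.g. in a
    secrets manager) is mixed in via HMAC first, so a dumped table alone is not
    enough to verify guesses even with unlimited compute."""
    material = password.encode("utf-8")
    if pepper:
        material = hmac.new(pepper, material, hashlib.sha256).digest()
    return hashlib.pbkdf2_hmac("sha256", material, salt, iterations, dklen=DKLEN)


def hash_password(password: str, pepper: bytes = b"", iterations: int = ITERATIONS) -> str:
    """Produce a self-describing record: algorithm, cost, salt and hash together,
    so the cost can be raised later without breaking existing users."""
    salt = os.urandom(SALT_BYTES)          # fresh salt: identical passwords hash differently
    dk = derive(password, salt, iterations, pepper)
    return "$".join([ALGORITHM, str(iterations), b64(salt), b64(dk)])


def verify_password(password: str, stored: str, pepper: bytes = b"") -> bool:
    """Recompute with the stored salt/cost and compare in constant time."""
    try:
        alg, iters, salt_b64, dk_b64 = stored.split("$")
        iterations = int(iters)
        salt, expected = unb64(salt_b64), unb64(dk_b64)
    except ValueError:
        return False                       # malformed record, never a match
    if alg != ALGORITHM:
        return False
    candidate = derive(password, salt, iterations, pepper)
    return hmac.compare_digest(candidate, expected)


def needs_rehash(stored: str, minimum_iterations: int = ITERATIONS) -> bool:
    """True when a record was made with a weaker cost than current policy;
    call this after a successful login and re-hash with the plaintext you have."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return True
    return int(parts[1]) < minimum_iterations


if __name__ == "__main__":
    pepper = os.urandom(32)                # constructed for the demo; keep real ones outside the DB
    record = hash_password("correct horse battery staple", pepper)
    print(record)
    print("login ok:", verify_password("correct horse battery staple", record, pepper))
    print("wrong pw:", verify_password("Tr0ub4dor&3", record, pepper))
    print("without pepper:", verify_password("correct horse battery staple", record))
```

The record format carries the cost, which is what lets you raise `ITERATIONS` later: on a successful login, check `needs_rehash` and store a fresh hash. The pepper check in the demo shows the containment the quoted post describes: a copied table is not enough on its own.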
While there are other options (magic links, passkeys), passwords will still be around for a long time. If you are storing them, make sure you are doing it right.
Dan