Gee, the interesting things you find when browsing the wikipedia codebase. Don't you people know what salt is? I'll give you a clue. Here's how an attacker with access to Wikipedia's hashed passwords would currently inverse-MD5 the passwords:
sort user table by hashed password; foreach (possible password) { x = md5(password_guess); binary search table for match; }
And here's how it would work with salt:
for (userNum=0; userNum < numUsers; userNum++) { foreach(possible password) { x = md5("wikipedia" + userNum + password_guess); check for match } }
Some numbers: my password is 9 essentially random lower case letters. By brute force, it would take a hacker about a week to inverse MD5 it, with one computer. With the current scheme, if all 10000 users of Wikipedia used the same kind of password, the hacker would successfully inverse MD5 one roughly once every 10 minutes. He could then check those username/password combinations against other sites -- say, Internet banking, unix accounts on various servers, email, etc.
Don't worry, I fixed it. What do I do with the rectified code (once I've read over it a couple more times)?
-- Tim Starling.
_________________________________________________________________ MSN Instant Messenger now available on Australian mobile phones. Go to http://ninemsn.com.au/mobilecentral/hotmail_messenger.asp
On Sun, 2003-03-30 at 07:04, Tim Starling wrote:
Gee, the interesting things you find when browsing the wikipedia codebase. Don't you people know what salt is?
Nothing like reinventing a wheel to reinvent old bugs, is there? :)
Don't worry, I fixed it. What do I do with the rectified code (once I've read over it a couple more times)?
By all means, send it over.
Obviously we'd have to add a note explaining that everyone has to reset their password. Not everyone has an e-mail address attached to their account, so we'd need to add a web form for doing this. That obviously would require first validating the person with their current password with the current hashing code; so we'd probably need a marker to indicate that each users' password field is upgraded.
Of course, all our passwords are sent in cleartext over the internet anyway, so should never be assumed to be secure.
-- brion vibber (brion @ pobox.com)
--- Brion Vibber brion@pobox.com wrote:
On Sun, 2003-03-30 at 07:04, Tim Starling wrote:
Gee, the interesting things you find when browsing
the wikipedia codebase.
Don't you people know what salt is?
Nothing like reinventing a wheel to reinvent old bugs, is there? :)
Don't worry, I fixed it. What do I do with the
rectified code (once I've
read over it a couple more times)?
By all means, send it over.
Obviously we'd have to add a note explaining that everyone has to reset their password. Not everyone has an e-mail address attached to their account, so we'd need to add a web form for doing this. That obviously would require first validating the person with their current password with the current hashing code; so we'd probably need a marker to indicate that each users' password field is upgraded.
Of course, all our passwords are sent in cleartext over the internet anyway, so should never be assumed to be secure.
-- brion vibber (brion @ pobox.com)
Si. And remember, on the first of january 2003, someone took over three sysops accounts on the french wiki, and indicated our passwords in clear to the three of us. So...well...security...hum
__________________________________________________ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com
wikitech-l@lists.wikimedia.org