When you really need to store a password in a database, what are the best practices

I have a web service using HMAC to verify signed requests. In this scenario, there is a key (password) assigned to each subscriber of my service. Of course, the user receives this key, but I also need to save the key in my database so that my service can verify the signature of each incoming request.

So, this is the case when I really need to store passwords in a database in a form that I can get and use. I can't use the best practice of just storing a salted password hash in a database.

I could encrypt the keys, but then I need to store the encryption key somewhere. This is a fairly common scenario for RESTful secure web services, so the likes of Amazon (AWS) and Microsoft (Azure) should solve this problem.

What are the best practices in this situation?

+4

3 answers

The only time a password must be stored in the database is when it is the password required to connect to some other system. If you just need to verify the credentials provided by some other party, you should save the password hash.

Even if you need to use a password to connect to the other side, if you need some other credentials to perform this access (for example, someone logs into your system and then you log in to another system on their behalf), it is advisable to save an external password encrypted with a hash of the provided password (but not the same hash that is stored in the database!). If there are several credentials that can be used to log in to your server, keep a separate copy of the encryption key for the remote password, encrypted using all valid credentials.

+3

If you really need a password (for example, to connect to another system), I would recommend placing it somewhere away from other information. Perhaps a different database, an encrypted file in the file system, etc. That way, if someone gets your main database, they are not guaranteed to also get the corresponding passwords.

This may be obvious, but you want the password location to be encrypted with a different key (to make it less likely that someone who somehow gets access to the main data source will also gain access to the password data store).

+1
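An added example (not code from the question or from either answer above) showing the two points together: the HMAC key from the question has to be recoverable, so it is stored encrypted (wrapped with AES-256-GCM) in the subscriber row, and the key that encrypts it lives outside the database, as the second answer recommends. The subscriber id is bound as associated data so a wrapped key cannot be copied into another row. `SubscriberRecord`, `wrapKey`, `unwrapKey`, `signRequest`, `verifyRequest` and the request canonicalization (`method\npath\nbody`) are assumptions of this example; the master key and HMAC key are generated in-process here purely for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SubscriberRecord is what the database row holds: the subscriber id and the
// HMAC key encrypted under a master key that is never stored in the database.
type SubscriberRecord struct {
	ID         string
	WrappedKey []byte // nonce || AES-256-GCM ciphertext of the HMAC key
}

// newGCM builds an AES-256-GCM AEAD from the 32-byte master key.
func newGCM(masterKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrapKey encrypts a per-subscriber HMAC key. The subscriber id is passed as
// associated data so the ciphertext only decrypts for the row it was made for.
func wrapKey(masterKey, hmacKey []byte, subscriberID string) ([]byte, error) {
	gcm, err := newGCM(masterKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, hmacKey, []byte(subscriberID)), nil
}

// unwrapKey reverses wrapKey; it fails if the ciphertext, nonce or id were altered.
func unwrapKey(masterKey, wrapped []byte, subscriberID string) ([]byte, error) {
	gcm, err := newGCM(masterKey)
	if err != nil {
		return nil, err
	}
	if len(wrapped) < gcm.NonceSize() {
		return nil, fmt.Errorf("wrapped key too short")
	}
	nonce, ct := wrapped[:gcm.NonceSize()], wrapped[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(subscriberID))
}

// signRequest is the client side: hex HMAC-SHA256 over a canonical request string.
func signRequest(hmacKey []byte, method, path, body string) string {
	mac := hmac.New(sha256.New, hmacKey)
	fmt.Fprintf(mac, "%s\n%s\n%s", method, path, body)
	return hex.EncodeToString(mac.Sum(nil))
}

// verifyRequest is the service side: unwrap the stored key, recompute the MAC
// and compare in constant time. Any failure (bad hex, tampered row) is a reject.
func verifyRequest(masterKey []byte, rec SubscriberRecord, method, path, body, sigHex string) bool {
	key, err := unwrapKey(masterKey, rec.WrappedKey, rec.ID)
	if err != nil {
		return false
	}
	got, err := hex.DecodeString(sigHex)
	if err != nil {
		return false
	}
	mac := hmac.New(sha256.New, key)
	fmt.Fprintf(mac, "%s\n%s\n%s", method, path, body)
	return hmac.Equal(mac.Sum(nil), got)
}

func main() {
	// Constructed for the example: in a real service the master key comes from
	// an environment variable, a KMS or a separate secrets store, not the DB.
	masterKey := make([]byte, 32)
	rand.Read(masterKey)
	hmacKey := make([]byte, 32)
	rand.Read(hmacKey) // issued to the subscriber once, at signup

	wrapped, err := wrapKey(masterKey, hmacKey, "sub-42")
	if err != nil {
		panic(err)
	}
	rec := SubscriberRecord{ID: "sub-42", WrappedKey: wrapped}

	sig := signRequest(hmacKey, "POST", "/v1/orders", `{"qty":1}`)
	fmt.Println("valid request:", verifyRequest(masterKey, rec, "POST", "/v1/orders", `{"qty":1}`, sig))
	fmt.Println("tampered body:", verifyRequest(masterKey, rec, "POST", "/v1/orders", `{"qty":2}`, sig))
}
```

A database dump on its own yields only `WrappedKey` blobs; an attacker also needs the master key from wherever it is held, which is the separation the second answer is after. Credentials the service only ever checks (a login password) would still be stored as a salted, slow hash per the first answer; this scheme is only for the key that has to be recovered.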

It seems that the best option for your scenario would be to use public key cryptography.

0
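An added example (not from the answer above) of what the public-key suggestion buys you in the question's scenario: the subscriber signs each request with an Ed25519 private key that never leaves them, and the service stores only the public key, so there is no secret in the database to encrypt or protect. `enroll`, `signRequest`, `verifyRequest` and the canonical request string are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// canonicalRequest is the exact byte string both sides sign and verify.
func canonicalRequest(method, path, body string) []byte {
	return []byte(method + "\n" + path + "\n" + body)
}

// enroll generates the subscriber's key pair. Only the public key is
// registered with the service; the private key stays with the subscriber.
func enroll() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// signRequest runs on the subscriber side.
func signRequest(priv ed25519.PrivateKey, method, path, body string) string {
	return hex.EncodeToString(ed25519.Sign(priv, canonicalRequest(method, path, body)))
}

// verifyRequest runs on the service side with the stored public key only.
// The length check matters: ed25519.Verify panics on a malformed public key.
func verifyRequest(pub ed25519.PublicKey, method, path, body, sigHex string) bool {
	sig, err := hex.DecodeString(sigHex)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pub, canonicalRequest(method, path, body), sig)
}

func main() {
	pub, priv, err := enroll()
	if err != nil {
		panic(err)
	}
	// The service's database row: subscriber id plus public key, nothing secret.
	fmt.Println("stored for sub-42:", hex.EncodeToString(pub))

	sig := signRequest(priv, "POST", "/v1/orders", `{"qty":1}`)
	fmt.Println("valid request:", verifyRequest(pub, "POST", "/v1/orders", `{"qty":1}`, sig))
	fmt.Println("tampered body:", verifyRequest(pub, "POST", "/v1/orders", `{"qty":2}`, sig))
}
```

If the database leaks, the attacker gets public keys only and cannot forge requests; the trade-off is that subscribers now manage a private key instead of a shared secret, and replay protection (a timestamp or nonce inside the signed string) is still needed just as with HMAC.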

Source: https://habr.com/ru/post/1332569/
