Code reuse and taking advantage of existing frameworks and infrastructure is commonly considered to be best practice. In many cases, these practices lead to faster development cycles and better products. But what if the use of these tools negatively impact application security?
Properly managing user passwords is a crucial component of application security. Poorly managed passwords could allow an attacker to hijack a user’s account and masquerade as them on the system. This level of access could expose sensitive data or functionality or give the attacker a foothold from which to attack additional systems.
How CMSs And Web Application Frameworks Mess Up Password Storage
A recent study explored how 49 commonly-used content management systems and 47 web application frameworks stored user passwords. The results were less than encouraging, with several different tools failing to provide the appropriate level of protection to user credentials. The main issues discovered were a use of outdated hash algorithms for password storage and a failure to properly use salts and iterations to protect weak and reused passwords from attack.
Outdated Hash Algorithms
One of the most common ways that a program can fail to properly secure user passwords is to use an outdated hash algorithm. Hash algorithms are used to store passwords since they are one-way, deterministic functions. This means that it is possible to determine if a submitted password is correct by comparing its hash to the stored value on file. However, knowledge of a password’s hashed value does not allow an attacker to reverse engineer the original password.
Hash functions become outdated when they can no longer appropriately protect their inputs against collisions. A hash function collision is when an attacker can find two different inputs that produce the same hash output. Since password management systems only compare hash outputs, finding any input that produces the same output as a user’s password allows an attacker to authenticate to a system. A strong hash function makes this extremely difficult, and an outdated one fails to do so.
Unfortunately, many different CMSs and web application frameworks use outdated hash functions. Over a quarter of the tools studied (26.5%) used MD5 to protect user passwords. MD5 was first broken in 1996 and is considered trivial to break now. Any system relying on the MD5 hash algorithm to protect user credentials is completely insecure.
SHA-1 is better than MD5 but is still considered insecure since the ability to create hash collisions has been demonstrated for the algorithm. Despite this, 12.2% of CMSs and web application frameworks use SHA-1 to protect user passwords. As a result, over a third of the tools studied improperly protect user credentials by securing them with broken hash algorithms.
Misuse Of Iterations And Salting
While the use of insecure hash algorithms by several CMSs and web application frameworks is bad enough, several of them included in the study did not even use the hash functions correctly. As a result, the user accounts are even easier to crack than they would be usually.
People tend to use weak passwords and reuse them over multiple accounts. Modern password management systems deal with this problem by using salts and password iterations. A password salt is a unique, random value appended to a password before hashing it. Using a unique salt for every password ensures that users with the same password will not have the same hash value stored in the password database. Failing to use a salt or using the same salt for all passwords allows an attacker to easily identify accounts using the same password, expediting the process of cracking them.
Iterations are designed to protect weak passwords. By forcing an attacker to run an algorithm many times to produce the final hash, a system decreases the speed at which they can test potential passwords from a list. Failing to use enough iterations allows an attacker to quickly test possible password candidates and determine a user’s password.
Some of the systems that were discovered to use MD5 or SHA-1 for password hashing also failed to use salts or iterations to protect passwords. Affected tools include X3cms 0.5.3, GetSimple, MiniBB 3.2.2, and Phorum. User accounts for applications using these can be trivially cracked by a hacker.
Securing User Credentials
The results of the recent study demonstrate that organizations need to be cognizant of the security of the tools that they use to build web applications and their potential impacts on the security of the web applications themselves. A large number of tools improperly stored user passwords, opening up users to attack and potential fines for regulatory noncompliance.
Organizations have multiple options for dealing with this issue. Several of the systems included in the study had good password management practices, so they can be trusted to properly secure user credentials. Alternatively, a web application can manage its own credentials, rather than passing off the responsibility to a third-party. When developing a password management system, it is a good idea to consult OWASP’s cheat sheet on password management best practices.
Regardless of the method used for managing user credentials, applications should perform monitoring of user logins and behavior. Poor password hygiene by users and the number of data breaches revealing user credentials means that many users’ passwords are in the hands of hackers, potentially without their knowledge. The ability to detect attackers masquerading as legitimate users is essential to application security.
