How Do We Know Your Password If We Never Store It?
We never store your password in the database. Instead, what we do is run a cryptographic hashing function. Let me explain with a simple example; let's say that our one-way hashing function is just adding up the letters of the alphabet, where A=1, B=2, ... .
So you tell us that you want your password to be "CAT." The word CAT will convert to 3 + 1 + 20 = 24, so in the database we store:
name = yourusername, password_hash = 24
Now, notice that even if someone gets our database, they have no clue if your password is CAT or ACT or TCA or HHH or FFFF or DDDDDD or any of the combinations of letters that add up to 24.
What We Really Use
The function that we really use is not adding the letters in the password, but instead, a function called MD5, which hashes any string into a 16-byte value that is called a fingerprint. MD5 has a number of properties, one of which is that it is fairly resistant to tampering, and is not easy to forge. Given our simple hash function above where we just added the letters, it would be fairly easy to figure out a password that would map to the value. However, with MD5, you pretty much have to run through a bunch of different values, hoping that you hit the right value.
How Do You Handle Logins?
If you have JavaScript enabled, you never even send your password to us: we actually compute the MD5 of your password on the client side, and that is the value that is sent to us. This gives us the advantage of secure logins without having to use HTTPS.
Layers Of Complication
"But wait," you ask, "if you just send an MD5 over, then I can just steal the MD5 and use that as the password."
Ah, not that easy. We use what is called a salt to make sure that the MD5 value for any particular password; it makes the "correct" MD5 for a particular login different every time. It works something like this:
- we know the MD5 of your password
- user tries to log into the site
- we assign a special password salt for the session -- call it "ABCDE"
- user types their name and password ("password")
- your browser computes the MD5 of the password ("5f4dcc3b5aa765d61d8327deb882cf99")
- your browser adds the salt to the MD5 ("5f4dcc3b5aa765d61d8327deb882cf99ABCDE")
- your browser computes the MD5 again ("9ad58c3f9e7b7ca796e8e25d555c15e9")
- that MD5 is passed to us
- we compare it versus what we know about the MD5 + the salt we passed before
So, this is how you can log in without us knowing your password.
Security of MD5
How secure is this? I mean, after all, I'm giving nitty gritty details here!
Pretty secure. Computing the MD5 for a value is computationally intense: you basically have to run through all of the values. (There have been some academic papers lately that point to some flaws in MD5, but these flaws are not applicable to this situation.) In fact, we are so confident that this is secure that I will put my money where my mouth is. The following are the MD5s for two login sessions of mine. If you are the first to find the original password, I will mail $100 to you anywhere in the world. If you are the first to find any 5 to 15 character password that maps to the MD5 values, I will mail $20 to you anywhere in the world. Free and legal money!
EDIT: Okay, just to be clear, this is now an old password. So don't worry about having your account banned for hacking. The cash offer still stands, though.
salt = "fgtt", MD5(MD5(password) + "fgtt") = c6cb9cb50e84724ce8f09301e62d8b0b
salt = "3p09q", MD5(MD5(password) + "3p09q") = dd502a9d41d5b2bb64990779ddbc060f
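The login steps from the post above, written out as both sides of the exchange. This is an added example, not the site's own code: the `Server` class, the `demo` helper, the username and the 8-hex-character salt format are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def client_response(password, salt):
    """Browser side: MD5(MD5(password) + salt), as in the steps above."""
    return md5_hex(md5_hex(password) + salt)


class Server:
    """Server side (hypothetical class): keeps MD5(password), never the password."""

    def __init__(self):
        self.stored = {}    # username -> MD5(password)
        self.pending = {}   # username -> salt issued for the login in progress

    def register(self, user, password_md5):
        self.stored[user] = password_md5

    def new_salt(self, user):
        salt = secrets.token_hex(4)   # assumed format; the post's salts look like "fgtt"
        self.pending[user] = salt
        return salt

    def verify(self, user, response):
        # pop() makes each salt single-use, so a captured response cannot be replayed.
        salt = self.pending.pop(user, None)
        if salt is None or user not in self.stored:
            return False
        # The expected value is derived from the stored MD5(password) alone, so that
        # stored value has to be protected as carefully as the password itself.
        expected = md5_hex(self.stored[user] + salt)
        return hmac.compare_digest(expected, response)


def demo():
    server = Server()
    server.register("yourusername", md5_hex("password"))   # constructed sample account
    salt = server.new_salt("yourusername")
    captured = client_response("password", salt)
    first = server.verify("yourusername", captured)        # correct password, fresh salt
    server.new_salt("yourusername")                        # next session gets a new salt
    replayed = server.verify("yourusername", captured)     # old response, new salt
    return first, replayed
```

`demo()` returns `(True, False)`: the first login is accepted, and the same response sent again under the next session's salt is rejected.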
Community Member
EDIT: Oh wait, it would be stupid of me to try and log in as your account when I can do this locally x_x;;
Thanks for this update. I hope you're not revealing too much. You know, a lot of people couldn't figure out this basic information... Not like you have to worry about that type of person trying to find the password.