As many APIs provides access remotely to their data through the user/password combination, I was wondering wich was the best way to store those value, highly secure way (even if 100% is impossible), in order to connect them directly without asking everytime for those.
A:
Store login in plain in database and the md5(md5(password)+salt) as a password hash. That should be secure enough
FractalizeR
2009-10-01 13:00:08
MD5 is utterly broken for security purposes.
Jacco
2009-10-01 13:02:41
If the client only has the md5 hash of the user's password, the client won't be able to log into a server. md5 hashes are one-way. The client needs the actual password in order to negotiate any login protocol. Techniques like salted md5 are for server-storage of passwords, not client.
Rob Napier
2009-10-01 13:04:27
That's the approcach that came to my mind initially, but as you're saying, found out that it then won't be possible to send it back to the remote server
Ben None
2009-10-04 09:14:45
+1
A:
The best way would be to rely on someone else to store them and to trust that party instead. But if you must have control I'd suggest reading a good book on secure systems and then thinking again. There are many many variables to consider and most of the time you just mitigate the risk vs cost.
Preet Sangha
2009-10-01 13:00:50
+1
A:
I recommend one of three approaches:
Avoid storing the password at all by using authentication tokens. In this model, the user logs in one time, and the server generates a unique, large, sparse token that the client can store and use as its login "password." The server only accepts this token from one client at a time, so if two clients try to use it simultaneously, the token is invalidated. The token is also generally invalidated after a period of time (1 week, 2 weeks, a year, whatever is appropriate). When the token is invalidated, the user must log in again by hand and the process is repeated. This is basically the approach of Gmail and similar web site logins.
If you must store the password, I recommend relying on the OS to manage it for you. Windows and Mac both have good secure storage systems (DPAPI and Keychain respectively). Linux doesn't have a good always-available solution, though, so it depends on your market. The advantage of using the OS is that the OS can provide protections you can't easily provide yourself, and the user can centrally manage the overall protection of the OS storage (using smartcards, etc.) to a level you are unlikely to reproduce. The OS secure stores are also typically quite convenient for the user.
If neither of these are options, then store an encrypted file with a master password that the user must enter every time they launch your app. This is how Firefox works (or at least it did last time I looked, which has been a while). This is reasonably secure, but much less convenient for the user (and low convenience often means low adoption by the users, or poor use through simpler passwords, etc). I would investigate the Firefox code as an example of how to implement this.
Rob Napier
2009-10-01 13:18:35