Right now my login system is the following:
- Password must be at least 8 characters long, and contain at least one upper and lowercase letter, a number and a symbol.
- Password can't contain the username as its substring.
- Username, salted+hashed (using SHA2) password stored on db.
- The nonce (salt) is unique for each user and stored as plaintext along with the username and password.
- The whole login process can only be made over TLS
How would you rank the effectiveness of the following measures to increase security?
- Increase password length
- Force the user to change the password every
Xperiod of time, and the new password can't be any of the lastYprevious passwords Increase nonce size from 32 bytes to 64 bytes(removed for uselessness)- Encrypt the salt using AES, with the key available only to the application doing authentication
- Rehash the password multiple times
- Use a salt that's a combination of a longer, application-wide salt + unique user salt on the db.
I am not very fond of 1 and 2 because it can inconvenience the user though.
4 and 6 of course are only effective when an attacker has compromised the db (eg: via SQL injection) but not the filesystem where the application is in.