

Important Security Update (Battle.net user information compromised) - chaud
http://us.blizzard.com/en-us/securityupdate.html

======
NelsonMinar
Valuable target. Battle.net is the login system for Warcraft and Diablo, both
games where player accounts have significant cash value. The gold and items in
a serious Warcraft player's account are often worth well over $50 and are
relatively easy to strip and sell on a black market. Diablo 3 has a
legitimized real money auction house, only heightening the risks for Blizzard.

------
simonbrown
Is anyone familiar with the Secure Remote Password protocol, and how secure it
is in comparison to hashing and salting passwords using algorithms like bcrypt
and PBKDF2?

~~~
ianburrell
SRP is a protocol to authenticate without exchanging passwords. It has the
advantage that the server only ever sees and stores a verifier based on the
hashed password. However, the password is still vulnerable to brute forcing.
There is an extra modulo exponentiation which may make GPU calculation harder.
I think the default hash for the verifier is SHA-1. It is possible to use a
slow hash, like PBKDF2, for the verifier.

~~~
thirsteh
It is also, unfortunately, infeasible to use in web applications without some
kind of plugin, much less across many different browsers. Blizzard still needs
people to be able to log into battle.net to renew their subscriptions and buy
vanity mounts.

If you control the client side and it's a normal client/server-type
application, absolutely, go for it. It poses much less risk to your users than
any scrambling or key derivation protocol, no matter how strong. (Those do
nothing to prevent getting your favorite password by snooping on ethernet
traffic or memory, for example.) As you mentioned, SRP too has adjustable
knobs.

------
newman314
FWIW, this is Battle.net's password policy. <http://imgur.com/q2oPZ>

It also appears that cut&paste is disabled for the change password fields
which is REALLY annoying.

~~~
tedunangst
I suspect that's so you don't type it wrong, copy it, then lock yourself out.
I have typoed passwords before, very annoying when you know the password and
just need to figure out which permutation it is.

------
adamzochowski
How does this affect users with Key Fobs?

<http://us.blizzard.com/store/search.xml?q=authenticator>

------
talon88
I'm be quite willing to bet that the attack vector was a compromised password
that was reused to access their admin panel.

~~~
Cyranix
Grounds for this claim?

~~~
thirsteh
I'm guessing there's no basis, beside that approach being what we heard about
most recently with Dropbox.

It would be a little ironic if a company that's been strongly advocating the
use of multi-factor authentication for many years now didn't enforce it for
their own superusers. If that's not the case, then it's double ironic that
those superusers are able to access the password digests in the database
through that panel.

------
MordinSolus
I don't quite understand the 16 character password limit.

~~~
kijin
Most likely a VARCHAR(16) plaintext field.

~~~
thirsteh
Everybody here loves bcrypt, but you don't hear about how it has a max input
size of 55 bytes >:)

There's no good reason the max should be so low, but you should not hurt your
users by silently truncating input or exceeding the entropy limit of a fixed-
size scrambling mechanism.

