

PolyPassHash: Password storage scheme to prevent cracking passwords individually - harshreality
https://github.com/PolyPassHash/PolyPassHash

======
infogulch
Essentially, the password hashes are AES encrypted with a Shamir secret key
that is stored in memory, and on boot up can be unlocked by k of n
administrators/power users logging in.

It also presents a technique to weakly verify normal logins between bootup and
when the k admins log in by essentially leaking a few bits of entropy of the
user's hashed password.

This only protects against attackers accessing the password database/file from
disk, not from an attack that compromises memory and the key stored there on a
running server. However, in the case that the key _is_ compromised, this is no
worse than best practices used today.

Assuming the admins use strong passwords, this requires potential crackers to
crack k strong admin passwords at once if they only have the file.
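
Added example (not part of infogulch's comment and not the PolyPassHash project's code): a Python sketch of the k-of-n unlock described above, assuming each admin's Shamir share is stored XORed with that admin's salted password hash and that a SHA-256 check value of the secret is kept alongside it. The AES encryption of ordinary users' hashes is left out, and all function names, account names and passwords are constructed for illustration.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # prime field for the Shamir arithmetic; shares fit in 16 bytes

def pw_hash(password, salt):
    # Salted slow hash truncated to 16 bytes (iteration count kept low for the demo).
    d = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, dklen=16)
    return int.from_bytes(d, "big")

def make_store(admin_passwords, k):
    """Build on-disk records: each admin's share is masked by XOR with their hash."""
    secret = secrets.randbelow(P)
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    records = {}
    for x, (name, pw) in enumerate(admin_passwords.items(), start=1):
        share = sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
        salt = secrets.token_bytes(16)
        records[name] = (x, salt, share ^ pw_hash(pw, salt))
    # Assumption: a check value lets the server recognise the correct secret.
    check = hashlib.sha256(secret.to_bytes(16, "big")).digest()
    return secret, {"k": k, "records": records, "check": check}

def unlock(store, logins):
    """Recover the secret from k admin logins; None if too few or any is wrong."""
    pts = []
    for name, pw in list(logins.items())[: store["k"]]:
        x, salt, masked = store["records"][name]
        pts.append((x, (masked ^ pw_hash(pw, salt)) % P))
    if len(pts) < store["k"]:
        return None
    secret = 0
    for xi, yi in pts:  # Lagrange interpolation evaluated at x = 0
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    digest = hashlib.sha256(secret.to_bytes(16, "big")).digest()
    return secret if hmac.compare_digest(digest, store["check"]) else None

if __name__ == "__main__":
    admins = {"alice": "pw-a", "bob": "pw-b", "carol": "pw-c"}  # constructed
    secret, store = make_store(admins, k=2)
    print(unlock(store, {"alice": "pw-a", "carol": "pw-c"}) == secret)  # k correct
    print(unlock(store, {"alice": "pw-a", "bob": "guess"}))  # one wrong password
```

A single masked record cannot be tested on its own, because every password guess unmasks to some plausible share; only a full set of k guesses can be checked against the secret.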

------
Oculus
_"How hard is it to crack passwords stored using this technique?"

Suppose that three people have passwords that are each randomly chosen and 6
characters long. A typical laptop can crack those passwords in about 1 hour.

If you take the same passwords and protect them with PolyPassHash, every
computer on the planet working together cannot crack the password in 1 hour.
In fact, to search the key space, it would take every computer on the planet
longer than the universe is estimated to have existed._

If it sounds too good - it probably is. Can anyone with a strong cryptography
background explain if this idea has merit or if it is simply pixie dust?

~~~
danpalmer
I'm not a crypto expert, but I like to think I'm relatively well informed and
able to spot obvious bullshit when it comes to this stuff. Going on the
description given on GitHub, but not the paper yet, it sounds plausible.

------
tlrobinson
_"Extremely weak passwords are a bad idea. An attacker can guess things like
password, etc. and just try them even if they do not have the database. So do
not use them regardless of the storage technology.

Another thing PolyPassHash does not protect against is password reuse. Do not
use the same password on multiple sites no matter how strong it is! We
recommend using a password manager that generates a separate, strong password
per site."_

If they recommend using a password manager then what additional security does
this scheme provide? Presumably your password manager generates strong, unique
passwords.

