
Ask HN: If banks hash passwords, how can they ask for separate letters? - CarolineW
I&#x27;ve been hunting on the interwebs for an answer to this, but my Google-fu is failing me.  I will continue to search, but if someone can point me in the right direction, or let me know the magic words to search for, I&#x27;d be grateful.<p>Banks have your password, but when they verify you online or over the phone they ask for, say, characters 2 and 5.  If the password is one-way hashed, how can they do that?  If the hash is reversible, isn&#x27;t that dangerous?  And if it&#x27;s not hashed, move banks.<p>So assuming they use a one-way hash, how do they do that?<p>Thanks.
======
dagw
This a guess, I have no inside information: Generate N random subsets of the
password and hash those in addition to the password. Then each time they'll
pick a random subset and ask for that. N can be made fairly large and still be
trivial to calculate and store

~~~
CarolineW
That still feels comparatively trivial to extract passwords from that scheme.
The subsets are small (otherwise users wouldn't be able to respond) so it's
simple to try all combinations of size, say, 3, until you get the right hash.
If the database is compromised, the passwords are then easy to reconstruct.

------
janesconference
Secret sharing? [https://smartarchitects.co.uk/news/22/67/Update-to-
Partial-P...](https://smartarchitects.co.uk/news/22/67/Update-to-Partial-
Passwords.html)

~~~
CarolineW
I've searched through _lots_ of things on secret sharing, and can't find any
way to shoe-horn the "name letters 3, 6, and 8" idea into one of them.

Oh. Maybe I can.

Hmm.

------
MUTAKIRORIKATUM
[https://en.wikipedia.org/wiki/Partial_Password](https://en.wikipedia.org/wiki/Partial_Password)

~~~
CarolineW
Quoting:

    
    
        As the user doesn't supply the whole
        password it cannot be verified against
        a stored digest of the whole password.
    

It points out that this (partially) protects one from eavesdropping, but it
doesn't say how the password can be verified unless the service stores the
password in clear, which it admits is inadvisable.

So that doesn't explain how it works, unless you accept that the bank is
storing the password in plaintext.

Question still open.

------
ranaway
Hash each letter?

~~~
gus_massa
If you hash each letter separately, then for the fist letter you have
something like $2a$06$54k.unrkdM4PInCBA9Kx9uTQEa8GZR76dO7xx4puT9m2rhtFioFbm .
Can you guess which letter it is?

(spoiler alert)

It's very easy to recover each letter separately using brute force. If your
password has 8 letters and for the sake of simplicity let's assume the they
are only uppercase normal letter, then the difficulty to guess it is reducer
from 26^8=2E11 to 26*8=2E2. (The difference is bigger with a longer password
or a bigger alphabet.)

