I'm wondering about the practices about authentication with regard to passwords.
I'm looking to exclude the HTTPS / SSL cert method, which is obviously the most secure method, but it's not completely within reach right now.
Here's what I got from that:
+->| SERVER |---------->| CLIENT |
| +----------+ nonce +----------+
| | |
| SESSION["nonce"] = "1234" | SHA(nonce + password)
(sorry for ASCII drawing failure)
What is good practice for user password authentication without SSL? (Feel free to yell at me for not using SSL, but I'm currently not able to implement it.)
There just is no way around it, the only way to be secure is use SSL to share secrets when you register. From then on you can just transmit an authenticator (stored in a secure cookie) comprised of an expiration timestamp, any identifying user data (like userID), and a non-malleable MAC digest of the expiration and userID. Doesn't protect against replay but it helps to enforce a short expiration for the authenticator. With this approach you'll only need to use SSL for the initial login.
This is the best explanation of web authentication I've encountered on the net [PDF]: