> It means the uppercase you password when generating a hash. Good lord.
No it doesn't. Say your password is "Abc1". When you sign up, they would hash "Abc1". Then when you login, say you type "aBC1". The site would first hash "aBC1" and find that it is incorrect. Then it would invert the case to "Abc1" and try again, and it would work. It's basically just automating a second attempt. In fact, I wonder if it even counts as a second failed attempt if both failed.
If someone were able to make brute force attempts on the website, it would still end up evaluating the passwords the same number of times as if the inverted case wasn't checked (the attacker would just need to invert it themselves) and in fact would likely slow down the attack because they are forced into checking inverterted case passwords. But that's moot anyway because the website limits login attempts. And if the database leaked, it's not stored any differently than if they didn't invert the case.
Of course I'm making assumptions about the implementation (I didn't know they did this until this comment) and it could be done poorly but I would hope a company as big as meta/Facebook put at least this amount of thought into it.
Whoa, let's not all freak out here (for this post and sibling posts). While I don't think I would personally do this, it only removes 1 bit of entropy because the case is swapped, and it only does that when checking the password. This does not imply they uppercase/lowercase the password prior to hashing at all, nor that foobar123 will work when the hashed password is FooBar123. Rather that fOObAR123 can be transformed by swapping case to FooBar123 and then checked against the hash.
Don't forget that the shift key makes things lowercase when Caps Lock is turned on.
For an offline attack, where you have to attack Facebook's bespoke "password onion"[1], you would still have to compute both hashes. There is approximately zero impact on cracking strategy.
There may be an argument to be made that Facebook would have otherwise used a larger work factor had they not had to do double the work for wrong passwords, but the common case is the password being correct, so I doubt this was a significant consideration in the parameter selection.
Even for the online case, I really don't think it affects security in a nontrivial way.
I agree, for offline attacks there is no impact. Very interesting article. What is up with $\$$cur there btw? In PHP that would be a gnarly indirection-- even if it's something in FB's codebase, why keep it on the slide like that?
No...they literally have the password you just entered. In plain text. They can change the case of that and compare against the DB hash twice. The entropy for someone trying to brute force the hashes directly is identical.
You either have to double the number of failed attempts before a lockout or deal with users getting locked out much quicker.
Thus causing more frustration than if you'd done nothing at all to address the capslock issue (that they're going to have to notice and fix anyway at some point, when they inevitably need to type again)
Well, in Facebook's case, it's more than double (it appears to be 3 or 4 at most), and it is done smartly (the reverse caps try is only performed if you typed in your password with capslock turned on), and with a proper system to throttle attempts before locking an account, it seems reasonable to me. See https://security.stackexchange.com/a/214815 and its sources.
Entropy here is referring to how random the user's password is, and thus how difficult it will be to guess it. For example, a four character password which can be comprised only of lowercase a-z has much lower entropy than a four character password which can have A-Z and a-z (and the case is significant).
I may be misunderstanding it. But they are switching the case, not turning it lowercase. So trying both AbCd and aBcD, because that's what you'd type if caps lock was on.
It exchanges a few bits of entropy for a much smoother user experience, and it doesn't actually aid an attacker much (they could just try the permutations themselves)
It means that the passwords have far less entropy.
It means the uppercase you password when generating a hash. Good lord.