View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
5080Composrcore_cnspublic2022-11-27 01:012022-11-27 21:27
ReporterChris Graham Assigned ToChris Graham  
PrioritynormalSeverityfeature 
Status resolvedResolutionfixed 
Summary5080: No longer use password hash as password cookie
DescriptionComposr, like many forum software, uses the password hash as a password cookie for "remember me" to work.
This is secure as you can't get the password back from the hash.

However, it is not ideal because if the password cookie is stolen, the password must be reset in order for that to not work as a password cookie on another machine.
There would be no way to force a mass-reset on all password cookies, for example.

Additionally, there is a big security issue if hashing is turned off for some reason (definitely not recommended, but we do support that at user's own risk - e.g. for quick Intranet integrations).

And finally, if it does become the case that hashing becomes reversable somehow (quantum computers? rainbow tables? bad hashing algorithms?) then a stolen password cookie would be convertable back to a password, and that password would then be known.

Some software supports "login keys", which are just random keys on an account that are used for comparing against the same value stored in password cookies. We can do this too.
TagsRoadmap: v11, Type: Security
Attach Tags
Time estimation (hours)2
Sponsorship open

Sponsor

Date Added Member Amount Sponsored

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2022-11-27 01:01 Chris Graham New Issue
2022-11-27 01:01 Chris Graham Tag Attached: Type: Security
2022-11-27 01:01 Chris Graham Tag Attached: Roadmap: v11
2022-11-27 21:27 Chris Graham Assigned To => Chris Graham
2022-11-27 21:27 Chris Graham Status Not Assigned => Resolved
2022-11-27 21:27 Chris Graham Resolution open => fixed