Password handling best practices


We have a number of network services and web-apps authenticating users differently, some with different password requirements for very bad technical reasons. For example, one system refused $ signs until someone "fixed" the string handling in some Perl scripts. Another system appears to parse @ signs in passwords. Another system issues users passwords to them, and the developer was proud to show me that it was a reversible transformation of the username.

I understand that password hashes are preferred; but I wonder how much must necessarily be sacrificed in the transition to browser based software. For my own edification, and to make a case for change, are there authoritative references on the subject of password handling and management that I can show those in my department and those responsible for other services?

Best Solution

The fewer restrictions you can put on what characters are allowed in a password, the better - it increases the search space for someone attempting to brute-force. Ideally, there's no reason to disallow any ASCII character (aside from control characters and things like backspace/newline) within a password.

As far as length limits go, minimum limits are good (to a point - don't piss off your users by setting a minimum length of 10, for instance), maximum limits are bad. If someone wants to have a 50-character password, let them - storage shouldn't be an issue as long as you're hashing, since the hashes are of constant length.

Always store passwords in a non-reversible hash form - ideally, a cryptographically-secure one. There's no reason to store them in a reversible form (if someone forgets their password, just set a new password for them, don't try to "retrieve" it). Don't write your own hashing algorithms - chances are you're not a cryptography expert, and there are plenty of good, proven hashing algorithms out there with implementations (either in code or library form) for just about any mainstream language.

Salt your hashes with a per-user salt of sufficient length to prevent rainbow table cracking.

Chapters 5 & 6 in Pro PHP Security deal with storage and encryption of passwords:

Some relevant articles:
