Skip to content

#21022 Add sha2 pre-hashing for passwords #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
johnbillion merged 5 commits into from
Jan 6, 2025
Merged

#21022 Add sha2 pre-hashing for passwords #5

johnbillion merged 5 commits into from
Jan 6, 2025

Conversation

@johnbillion
Copy link
Owner

@johnbillion johnbillion commented Nov 5, 2024
edited
Loading

This introduces password pre-hashing in order to retain the entropy of passwords greater than 72 bytes in size.

  • The wp- prefix is needed in order to differentiate between passwords hashed using this mechanism by WordPress core and a password hashed using vanilla bcrypt via one of the several existing plugins that implement bcrypt. Not doing so would mean not being able to support and upgrade passwords hashed by one of those plugins.
  • The base64 encoding is required to prevent a null byte being present in the hashed password value.
  • sha384 is used because it results in a string 64 bytes in size being passed to bcrypt. This is functionally no different to truncating a sha512 hash.
  • Reinstates the 4096 byte length limit that exists in the phpass implementation currently used in WordPress core.

See WordPress#7333 for full details.

Supporting references

Tickets

Trac ticket: https://core.trac.wordpress.org/ticket/21022
Trac ticket: https://core.trac.wordpress.org/ticket/50027

@johnbillion johnbillion mentioned this pull request Nov 5, 2024
Closed
12 tasks
@johnbillion johnbillion marked this pull request as ready for review November 5, 2024 10:40
@github-actions
Copy link

github-actions bot commented Nov 5, 2024
edited
Loading

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

Core Committers: Use this line as a base for the props when committing in SVN:

Props johnbillion.

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.

@johnbillion
Copy link
Owner Author

johnbillion commented Dec 12, 2024
edited
Loading

@soatok @dd32 @Synchro @pkevan Thanks for your input on WordPress#7333 .

This is the linked PR that I wrote at the same time which implements pre-hashing in order to avoid the 72 byte length limit of bcrypt. I've detailed in the description above why a prefix is needed on the resulting hash.

I've just updated it to use hash_hmac instead of manually prepending a prefix on the password value based on the info from @soatok.

If we were to go ahead with pre-hashing, what are your thoughts on this approach?

@soatok
Copy link

soatok commented Dec 12, 2024
edited
Loading

LGTM. This would satisfy the baseline requirements I mentioned in the other thread.

While there may be some additional security benefit to having another constant added to https://api.wordpress.org/secret-key/1.1/salt/ and then used in the HMAC step, it would also require admins to manage those salts (e.g., when migrating or restoring from backup). This PR balances a minimal operational load with disarming bcrypt's footgun.

This was referenced Dec 18, 2024
Closed
Closed
@calvinalkan
Copy link

calvinalkan commented Dec 26, 2024

More:

https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016#why-bcrypt

@johnbillion johnbillion merged commit 1cebd80 into 21022-bcrypt Jan 6, 2025
16 checks passed
@johnbillion johnbillion deleted the 21022-bcrypt-sha2 branch January 7, 2025 00:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@johnbillion @soatok @calvinalkan