Posted - 08/22/2018 : 08:07:41
The recent email about ECT Version 7.0 asked for new feature suggestions, so it seemed like a good time to share a few notes we've jotted down. These are all about login security.
1. This is an under-the-hood suggestion, but the password hashing system could use some modernizing. Consider a more secure system such as bcrypt, rather than MD5. Consider random salts for each user (stored in the database) rather than a single salt. Switching to bcrypt in PHP (5.3+) is easy, because it’s built-in. Using it in ASP (without using a PHP file) might be harder, because there’s probably not a modern bcrypt function pre-written in it. Maybe a JavaScript function?
2. Whether or not the above item is implemented, consider NOT sending the password hash to the user in the “Forgot Password” email. Make a separate, random string that’s stored in the database. Also consider giving it a time limit. Also, don’t store the hash in the user’s browser as a cookie.
3. Create a system where a new user has to verify their email address. The site would send a confirmation email with a link they have to click within a certain time period.
4. Not an issue for me, since we run our site 100% on https now, but browsers will give a security warning if there are password fields on non-https pages.
Thanks!
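Items 1 and 2 above in working form, as an added example that is not part of the original post or of ECT: bcrypt hashing with a per-user salt via PHP's built-in `password_hash()`, and a separate random, time-limited reset token of which only a hash is stored. It assumes PHP 7+ and uses a hypothetical `$users` array in place of the real user table.

```php
<?php
// Added example (not from the original post or ECT). Assumes PHP 7+; the
// $users array is a stand-in for the database user table.

// Item 1: bcrypt. password_hash() draws a random salt per call and embeds it
// in the returned string, so each user gets their own salt with no extra column.
function storePassword(array &$users, string $email, string $password): void {
    $users[$email]['password_hash'] = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
}

function checkPassword(array $users, string $email, string $password): bool {
    if (!isset($users[$email]['password_hash'])) {
        return false;
    }
    return password_verify($password, $users[$email]['password_hash']);
}

// Item 2: "Forgot Password" without sending the hash. A fresh random token is
// emailed to the user; the database keeps only its SHA-256 and an expiry time,
// so a database leak does not hand out usable reset links.
const RESET_TTL_SECONDS = 3600;

function createResetToken(array &$users, string $email): string {
    $token = bin2hex(random_bytes(32));                    // this goes in the email link
    $users[$email]['reset_hash']    = hash('sha256', $token);
    $users[$email]['reset_expires'] = time() + RESET_TTL_SECONDS;
    return $token;
}

function consumeResetToken(array &$users, string $email, string $token): bool {
    $u = $users[$email] ?? null;
    if ($u === null || empty($u['reset_hash']) || time() > $u['reset_expires']) {
        return false;                                      // unknown user, no token, or expired
    }
    if (!hash_equals($u['reset_hash'], hash('sha256', $token))) { // constant-time compare
        return false;
    }
    // Single use: discard the token once it has been accepted.
    unset($users[$email]['reset_hash'], $users[$email]['reset_expires']);
    return true;
}

// Constructed sample data exercising both flows.
$users = [];
storePassword($users, 'alice@example.com', 'correct horse battery staple');
var_dump(checkPassword($users, 'alice@example.com', 'correct horse battery staple')); // right password
var_dump(checkPassword($users, 'alice@example.com', 'wrong'));                        // wrong password
$t = createResetToken($users, 'alice@example.com');
var_dump(consumeResetToken($users, 'alice@example.com', $t)); // first use of the token
var_dump(consumeResetToken($users, 'alice@example.com', $t)); // second use is rejected
```

Because the stored value is only a hash of the token, the reset link itself should be the only place the raw token ever appears, and it should never be written to a cookie.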