this post was submitted on 12 Dec 2021
32 points (100.0% liked)
Lemmy
12524 readers
10 users here now
Everything about Lemmy; bugs, gripes, praises, and advocacy.
For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I would be happy to see client-side password hashing implemented.
I understand that responsibility of using unique passwords falls on the user, and maybe a truly malicious instance would be able to remove the hashing (although I think that it would be possible to check if non-hashed passwords leave the client). However, the reality is that many people still re-use their password for many websites and do not use 2FA when not required. Password hashing would reduce the level of trust required of the instance makers.
On a similar vein, it would be nice to anonymize the ip addresses that are printed to the docker logs if possible, similar to the nginx logs. I think that this would be easier to undo for a malicious instance, but at least they would need to have a bit more technical knowledge to get to this information.
The back-end already does password hashing using bcrypt.
This protects the database from a breach, but someone can set up an instance and collect the passwords from the logs:
As far as I can tell with my very limited experience, back-end encryption is the standard. One trusts the host not to steal their passwords from the logs, so protecting the data in the case of a breach is good enough. I think that it would make sense for the standard in the Fediverse to be different. Passwords should be encrypted by the client by default, and then re-hashed back-end.
It is also possible that what I am saying does not make sense in practical grounds - this is just something that surprised me while looking through the logs. I was under the wrong impression that plain text passwords were never accessible before looking into this topic.
We've recently removed that logging line, which logged all websocket requests. But yes most importantly, the database stores no plaintext passwords.
You don't want to client side hash passwords before sending, because different clients might not do it the same way. But also we have to add oauth at some point, so 3rd party clients don't even have to know your pass. This is less important with open source apps imo, which are the only ones we're gonna link to anyway, but it'd be nice to have.
Client-side hashing doesn't really do much. It just makes your hashed password the effective password. The only advantage it provides is some defense against password reuse because the "source" password is hard to discover. However you shouldn't be reusing passwords anyways so that shouldn't matter.
An actual improvement would be using something a PAKE like SRP or OPAQUE. This way the server never learns enough information to authenticate as you.
A major downside of these systems is that because they aren't natively supported by browsers they require javascript. But that probably isn't a major issue because IIUC all interactivity on the webui requires JS anyways.