2.2.1 Plain-Text
Plain-text is the earliest and simplest form of password storage. In this case the password is, as the name suggests, stored in readable text. There is in this case no encryption to protect what the actual password is. This would then grant anyone with access to the password file the ability to read it.
2.2.2 MULTIC Scrambler and PNT
The MULTICS system stored user passwords on what was called a PNT, they were stored there in an encrypted format and thus not in plain-text. In PNT, this was then further secured from unauthorized usage by utilizing an ACL (Access Control List).
The password is ecrypted by the MULTICS scrambler. This scrambler works by first compressing an 8-character MULTICS—ASCII password from 72-bits down to 56-bits by removing the two higher order bits from each character. Blanks are added if the password’s length is less then 8, the resulting compressed password —from now called p —is then multiplied by its own low-order 16-bits, then it is reduced by modulo 1019−1. The equation is illustrated in Figure2.1.
Figure 2.1: MULTICS Scrambler notation [16]
2.2.3 Hash
Hash functions represent one of the safest known methods of password storage. Hash function come in many forms, which will explained in further detail in Section3.3. The schemes used over the years are DES-based, MD4, MD5, bcrypt, SHA-1 and SHA2. In Table2.1you can see the hash value of the string"password"using these schemes.
Type value
Plain password
standard DES stqZw66BRck1U
extended DES JW8FtKdEkNM
MD4 8a9d093f14f8701df17732b2bb182c74
MD5 5f4dcc3b5aa765d61d8327deb882cf99
bcrypt uTWAJ9Crug/6rTMe920hS.ALZlKGsmlXkUyKmgYXoxxUyWWIuq8MW SHA-1 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
SHA-2 (256) 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 Table 2.1: Hash examples
2.2.4 Salted Hash
A salted hash is quite simply a hash where a "salt" is added to the front of the plain-text before it is sent trough the hash function as seen in Figure2.2.
This salt is usually some random string of a fixed length and for maximum efficiency it should be different for every password stored, but it is not necessary for the salt to be a secret. Adding salt is done to safeguard against certain types of attack on passwords or password file(s) such as look-up tables and rainbow tables to name a few. An additional effect is that even if two people have the same password their password’s hash values will be different.
Figure 2.2: Hash Salting [17]
2.2.5 Shadowed Files
As the /etc/passwdfile —which contains the information of the users —of a UNIX system is readable by any logged on user, the password that used to be stored there was moved to a separate and more secure file. The name of these files are different depending on the systems, but they are referred to as ashadowed password file. These files contain an entry for each user listed in the /etc/passwdfile [18]. Even though the passwords were already encrypted in the original/etc/passwdfile this reduces the dangers and possibility of attacks on the passwords.
Even though the the name and the structure of the shadowed file vary depending on theUNIXsystem it usually resemble that of the/etc/passwdfile.
A typical structure of theshadowed password filecan be seen in Figure2.3or a more generic form in Figure2.4.
Figure 2.3: Shadow File Entry
Figure 2.4: Generic Shadow File Entry
As seen in the Figures2.3and2.4the entries are a string where the fields are separated by a colon. These fields are
• Username: the user’s login name.
• Password: The password of the user, in encrypted —created bycrypt(C)
—form usually setup as $id$salt$hash digest. The $id$ indicates which hash algorithm that was used [19].
– $1$ is MD5 – $2a$ is Blowfish – $5$ is SHA-256 – $6$ is SHA-512
• Last changed: Days since the password was changed.
• May change: the minimum amount of days between password changes.
• Must change: The amount of days before the password must be changed.
• Warn days: The amount of days before the previous entry that the system starts to ask the user to change their password.
• Disable: The amount of days after the expiration of the password that the account is disabled.
• Reserved: reserved for a future use.
2.2.6 SAM File
Just like the Unix systems store their passwords in a separated an encrypted file so does Microsoft Windows as well. This file is known as theSecurity Account Managerfile, it was first introduced inWindows 2000’s Service Pack 4. The file itself contains the information of the local user and group accounts such as the password, it also includes information regarding account groups, access rights and special privileges [20].
The SAM file can be found stored in the Windows registry, and to increase the security it cannot be moved or copied while the system is running. Another feature of security is the ability to use the Windows SYSKEY to partially encrypt the file itself [21]. LM or NTLM Hashes are used to obscure the password before it is stored in this file to increase its security.
The SAM file is used in cooperation with the Local Security Authority (LSA) to validate a user’s logon attempt in order to authenticate the user’s credentials. This function is initialized on startup and runs in the background.
2.2.7 Password Managers
The last method of password storage mentioned here is unique from the others as this one is for the user themselves to store their password. This method is called apassword manager, they are applications or browser plug-ins that store all of a users online credentials. The purpose is so that the users really only need to remember onemasterpassword, that of the manager.
These managers can help with password security as it would allow for longer, more unique passwords for each of the user’s web page or service accounts. As the passwords could be longer to mitigate the weakest link in
password security —the human element —it is thus stronger. More so is the then reduction of password reuse over services.
To protect the password the managers encrypt them using an encryption scheme. Which encryption that is used is up to the provider of these applications and might then differ from provider to provider. An example is the providerwww.1password.comwhich uses a 256-bit AES encryption in GCM mode, with a key derivation generated locally using PBKDF2.
Other features these might posses in order to increase their usefulness and security are for example:
• Identifying weak passwords
• Identifying duplicate passwords
• Help in createing a strong password
• Synchronize between systems and devices to maximize area of coverage.
• Use biometrics as master password
• Share logins without sharing passwords.