← Back to context

Comment by fc417fc802

19 hours ago

There are substantial differences between database access, snooping the logs, internal (no TLS) wiretap, and full MITM of the frontend.

Hashing client side minimizes the risk of any blast radius exceeding the bounds of your own service. There's obviously no way to prevent an adversary who achieves full MITM from gradually harvesting credentials over time. The only solution there is to use keys instead of passwords.

4 comments

fc417fc802

Reply
necovek  18 hours ago

We are not disagreeing, but I am not getting my answer: how is client side hashing really helping, what are the circumstances it helps with if you do have the basics right?

In your enumeration, what is breached for this to be meaningfully impactful for other services where customers might be reusing credentials?

  • fc417fc802  18 hours ago

    As opposed to what? Your question seems unclear to me.

    I already answered you that if you assume full MITM of the frontend then it is physically impossible to prevent gradual credential harvesting. Did you have a different scenario in mind?

    > how is client side hashing really helping

    Compared to what? Server side hashing? It prevents the plaintext from ever hitting your infra which minimizes to the greatest extent possible an insider or intruder gaining access to the plaintext. Since preventing access to the plaintext is the primary purpose of hashing it's the sensible option if you're forced to pick only one.

    Of course there's really no good reason to pick only one of the two. You might as well elect for defense in depth against rogue insiders with full db access even though it's difficult to imagine what use they would have for a password based login at that point.

    • necovek  14 hours ago

      There is certainly good reason to do server-side hashing: you do not keep a persistent record of the customer's secret, yet keep the ability for them to authenticate with it.

      If you are never logging a clear-text secret and storing a hashes version to validate against, and using TLS between client and server, client-side hashing does not bring much benefit other than protecting customers' reused passwords against people who have sufficient access to the infrastructure to MITM the client but no ability to modify the client side code where they could extract the password directly.

      When IT has write access to code, client side hashing protects only against accidental log leakage and similar.

      1 reply →