[GH-ISSUE #60] Proper password salting #29

Closed
opened 2026-02-27 08:14:45 +03:00 by kerem · 1 comment

Originally created by @ColonelThirtyTwo on GitHub (Oct 19, 2021).
Original GitHub issue: https://github.com/lldap/lldap/issues/60

The password hashing code [uses a static salt](https://github.com/nitnelave/lldap/blob/fa937cc33753fd11e6519c0bfc3051195fb44398/auth/src/opaque.rs#L21). This defeats the point of having a salt - two users with the same password will have the same hash. The comment that it "doesn't affect the security" is incorrect and demonstrates a big misunderstanding about the purpose of the salt.

Please randomly generate the salt using a secure random generator, and use the `hash_encoded` and `verify_encoded` to store the salt along with the hash.


@nitnelave commented on GitHub (Oct 19, 2021):

Thanks for the review! However, I'm not using plain Argon as a hashing mechanism: I'm using the full OPAQUE protocol, and argon is only used as additional hashing to make it computationally intensive for an attacker to bruteforce a database dump.

The OPAQUE protocol doesn't actually send the password to the server (it uses a zero-knowledge proof with a password-based asymmetric key exchange), and it includes (among many other security practices) per-user hashing. See https://blog.cloudflare.com/opaque-oblivious-passwords/ for more info.
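
The static-salt versus per-user-salt difference raised in the issue, shown for plain password hashing (not OPAQUE), as an added example that is not lldap's code or either commenter's. It assumes Python's standard-library `hashlib.scrypt` in place of Argon2; the encoded string format, the cost parameters and the function bodies are this example's own, with `hash_encoded` and `verify_encoded` named after the functions mentioned in the issue.

```python
import base64
import hashlib
import hmac
import secrets

# Assumption: scrypt stands in for Argon2; cost parameters are constructed for the example.
N, R, P, DKLEN = 2**14, 8, 1, 32
STATIC_SALT = b"constant-salt-16"  # constructed value standing in for a fixed salt


def _kdf(password: str, salt: bytes, n: int = N, r: int = R, p: int = P) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p, dklen=DKLEN)


def hash_static(password: str) -> str:
    """Fixed salt: equal passwords always produce equal stored values."""
    return base64.b64encode(_kdf(password, STATIC_SALT)).decode()


def hash_encoded(password: str) -> str:
    """Per-user random salt, stored next to the parameters and the hash."""
    salt = secrets.token_bytes(16)
    digest = _kdf(password, salt)
    b64 = lambda raw: base64.b64encode(raw).decode()
    return f"$scrypt$n={N},r={R},p={P}${b64(salt)}${b64(digest)}"


def verify_encoded(encoded: str, password: str) -> bool:
    """Re-derive with the stored salt and parameters; compare in constant time."""
    try:
        _, scheme, params, salt_b64, digest_b64 = encoded.split("$")
        if scheme != "scrypt":
            return False
        cost = dict(kv.split("=") for kv in params.split(","))
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        actual = _kdf(password, salt, int(cost["n"]), int(cost["r"]), int(cost["p"]))
    except (ValueError, KeyError):
        return False  # malformed record: treat as a failed verification
    return hmac.compare_digest(actual, expected)
```
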
