I know you have heard of password #Salts, which are similar to nonces and are used to add uniqueness to passwords and protect against pre-computed hashes (rainbow tables).

Did you also know about password #Peppers? They are equally important.
In modern web applications you should #Pepper your passwords as well as #Salt them before hashing them. Here is the order:

Original Password ---> Salt ---> Pepper ---> Hash ---> Store-In-DB.

However, if you #Pepper passwords wrongly, it could be disastrous!
What do I mean by this?

Well, the simplest (and safest, which is very important) way to #Pepper a password is to compute HMAC(Original_Password, key).

HMACs are resistant to length-extension attacks and to brute-force attacks (an attacker who does not hold the key cannot test password guesses against the stored values).

There must be a #Pepper key used for the HMAC too.
This HMAC key must never be stored in the DB.

When a password #Pepper is applied, it doesn't matter whether the original (plaintext) password is weak: the peppered value gains the right "entropy", which is the most important quality of a password at the end of the day.
I made a slight error with the ordering. Here is the correct order: you have to #pepper a password before #salting it.

Original Password ---> Pepper ---> Salt ---> Hash ---> Store-In-DB.
The HMAC key for a password #Pepper must be stored in a config file, in such a way that an attacker who compromises the DB cannot access it.

The next step after #peppering a password is to pass it to a function that will salt and hash it, e.g. Bcrypt, Scrypt or Argon2.
#Argon2 (the "id" hybrid version) is the best password salting and hashing algorithm, followed by #Scrypt and finally #Bcrypt. Thankfully, popular back-end languages and frameworks/libraries support it (from #PHP to #Python, #NodeJS and #Elixir, and then #Symfony, #Laravel, #Adonis and #Django).
Few language implementations of #Argon2 support #pepper keys (sad but true). For instance, the `password_hash` function in PHP doesn't let you set a #pepper key, so the only way to do it is to use `hash_hmac`, like so:

But DON'T pepper passwords this way; it is wrong! I'll explain why...
Passing the output of `hash_hmac` directly into `password_hash` (which is used by the @laravelphp / @CodeIgniter hashing libraries) can introduce null bytes into the input, which cause problems when verifying these passwords.

See this article for more info: blog.ircmaxell.com/2015/03/securi…
As the author of the article I linked to in the preceding tweet says, the problem is not #Argon2 or #Bcrypt but combining hash functions that were never designed to be combined directly.

See: php.net/manual/en/func…

So how do we #pepper passwords correctly, you might ask?
Well, it's quite simple really. We base64-encode the output of `hash_hmac` before we pass it to the hashing function.

Like so:
If you are using #Laravel, you can do this:
You can also use HMAC(OriginalPass, key) along with #Bcrypt (not just #Argon2). Lots of people use #Bcrypt because it's popular and generally uses less memory than #Argon2 (id), for example.
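The pipeline described above (pepper with a keyed HMAC, base64-encode so no null byte can reach the password hasher, then salt and hash), as an added example in Python rather than the thread's PHP; it is not the author's code. It uses the standard library's scrypt because Argon2 needs a third-party package, and the pepper key, passwords and work factors are constructed demo values. It also counts how often the raw HMAC digest would have carried a null byte, which is the problem the thread warns about.

```python
import base64
import hashlib
import hmac
import os

# Constructed demo value. A real pepper key belongs in config or a secrets
# store, never in the database that holds the password hashes.
PEPPER_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0" * 2)

# scrypt work factors for hashlib.scrypt (demo values).
SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1)


def pepper(password: str, key: bytes = PEPPER_KEY) -> bytes:
    """HMAC-SHA512 the plaintext with the secret key, then base64-encode it.

    base64 output is printable ASCII, so it can never contain the NUL byte
    that makes a raw digest unsafe to feed into a C-string based hasher."""
    mac = hmac.new(key, password.encode("utf-8"), hashlib.sha512).digest()
    return base64.b64encode(mac)


def hash_password(password: str) -> str:
    """Pepper -> random salt -> scrypt -> self-describing string for the DB."""
    salt = os.urandom(16)
    dk = hashlib.scrypt(pepper(password), salt=salt, **SCRYPT_PARAMS)
    return "scrypt$%s$%s" % (base64.b64encode(salt).decode("ascii"),
                             base64.b64encode(dk).decode("ascii"))


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    scheme, salt_b64, dk_b64 = stored.split("$")
    if scheme != "scrypt":
        return False
    salt, expected = base64.b64decode(salt_b64), base64.b64decode(dk_b64)
    dk = hashlib.scrypt(pepper(password), salt=salt, **SCRYPT_PARAMS)
    return hmac.compare_digest(dk, expected)


def nul_byte_counts(n: int, key: bytes = PEPPER_KEY) -> tuple:
    """Over n constructed passwords, count raw HMAC digests containing a NUL
    byte versus base64-encoded peppers containing one (always zero)."""
    raw_nul = b64_nul = 0
    for i in range(n):
        pw = "password-%d" % i
        raw = hmac.new(key, pw.encode("utf-8"), hashlib.sha512).digest()
        raw_nul += b"\x00" in raw
        b64_nul += b"\x00" in pepper(pw, key)
    return raw_nul, b64_nul
```

Roughly a fifth of 64-byte raw digests contain a NUL byte, so `nul_byte_counts(200)` makes the truncation risk visible while the base64 count stays at zero.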

Finally, I would like to dispel certain user password entry myths.
Some of these myths have been the source of pain for users on the front-end (from a UX standpoint). They do not hold any water, because they neither take away from nor add to the security of a web app's passwords.

See this article: dev.to/nathilia_pierc…
Here is a picture excerpt from the above article:
Also, if you feel this is too much info to take in and adhere to, or too much work for you, then use auth services like @auth0, @gostormpath or @okta.

One last thing: when creating a #Pepper, the hashing algos 'sha384' and 'sha512' are perfectly acceptable.

THE END!