CWE-916
AllowedUse of Password Hash With Insufficient Computational Effort
Abstraction: Base · Status: Incomplete
The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
162 vulnerabilities reference this CWE, most recent first.
GHSA-P5X3-CMJ3-RMGV
Vulnerability from github – Published: 2023-09-15 15:30 – Updated: 2023-09-15 15:30A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-239797 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2023-4986"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-09-15T15:15:08Z",
"severity": "LOW"
},
"details": "A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. Affected by this vulnerability is an unknown functionality of the file Project.xml. The manipulation leads to password hash with insufficient computational effort. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-239797 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-p5x3-cmj3-rmgv",
"modified": "2023-09-15T15:30:16Z",
"published": "2023-09-15T15:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4986"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1V_O95QddCGdZzYGgx7tkMOYQ5i_alv69/view?usp=drive_link"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.239797"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.239797"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PG7P-9RPP-XJMX
Vulnerability from github – Published: 2024-06-11 15:31 – Updated: 2024-10-04 15:31A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file.
{
"affected": [],
"aliases": [
"CVE-2024-21754"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-11T15:16:03Z",
"severity": "LOW"
},
"details": "A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a\u00a0privileged attacker with super-admin profile and CLI access to decrypting the backup file.",
"id": "GHSA-pg7p-9rpp-xjmx",
"modified": "2024-10-04T15:31:12Z",
"published": "2024-06-11T15:31:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21754"
},
{
"type": "WEB",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-423"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-Q484-CVJ5-X4FV
Vulnerability from github – Published: 2022-11-01 12:00 – Updated: 2022-11-03 12:00The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.
{
"affected": [],
"aliases": [
"CVE-2022-40295"
],
"database_specific": {
"cwe_ids": [
"CWE-311",
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-31T21:15:00Z",
"severity": "MODERATE"
},
"details": "The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.",
"id": "GHSA-q484-cvj5-x4fv",
"modified": "2022-11-03T12:00:28Z",
"published": "2022-11-01T12:00:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40295"
},
{
"type": "WEB",
"url": "https://www.themissinglink.com.au/security-advisories/cve-2022-40295"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-Q6Q9-4V2F-8943
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
{
"affected": [],
"aliases": [
"CVE-2018-9233"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-05T17:29:00Z",
"severity": "HIGH"
},
"details": "Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\\Sophos\\Sophos Anti-Virus\\Config\\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.",
"id": "GHSA-q6q9-4v2f-8943",
"modified": "2022-05-13T01:53:52Z",
"published": "2022-05-13T01:53:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9233"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44411"
},
{
"type": "WEB",
"url": "http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2018/Apr/7"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QWGM-MXM4-3Q2C
Vulnerability from github – Published: 2022-05-24 22:01 – Updated: 2023-01-24 16:02The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "net-ldap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.16.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-0083"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": true,
"github_reviewed_at": "2023-01-24T16:02:54Z",
"nvd_published_at": "2019-11-21T14:15:00Z",
"severity": "MODERATE"
},
"details": "The Ruby net-ldap gem before 0.16.2 uses a weak salt when generating SSHA passwords.",
"id": "GHSA-qwgm-mxm4-3q2c",
"modified": "2023-01-24T16:02:54Z",
"published": "2022-05-24T22:01:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0083"
},
{
"type": "WEB",
"url": "https://github.com/ruby-ldap/ruby-net-ldap/commit/b412ca05f6b430eaa1ce97ac95885b4cf187b04a"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0083"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0083"
},
{
"type": "PACKAGE",
"url": "https://github.com/ruby-ldap/ruby-net-ldap"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0083"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "net-ldap has weak salt when generating passwords"
}
GHSA-QWXX-8R35-M4QM
Vulnerability from github – Published: 2023-06-15 21:30 – Updated: 2024-04-04 04:53RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash.
{
"affected": [],
"aliases": [
"CVE-2023-33243"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-15T20:15:09Z",
"severity": "HIGH"
},
"details": "RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application\u0027s database generally has become best practice to protect users\u0027 passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash.",
"id": "GHSA-qwxx-8r35-m4qm",
"modified": "2024-04-04T04:53:13Z",
"published": "2023-06-15T21:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33243"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2022-004/-starface-authentication-with-password-hash-possible"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R37H-J483-CJJM
Vulnerability from github – Published: 2021-06-01 21:38 – Updated: 2021-06-04 18:50Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "phanan/koel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.1.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-33563"
],
"database_specific": {
"cwe_ids": [
"CWE-799",
"CWE-916"
],
"github_reviewed": true,
"github_reviewed_at": "2021-06-01T20:37:37Z",
"nvd_published_at": "2021-05-24T23:15:00Z",
"severity": "HIGH"
},
"details": "Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. This might make brute-force attacks easier.",
"id": "GHSA-r37h-j483-cjjm",
"modified": "2021-06-04T18:50:20Z",
"published": "2021-06-01T21:38:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33563"
},
{
"type": "WEB",
"url": "https://github.com/koel/koel/releases/tag/v5.1.4"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/1-other-koel/koel"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Improper rate limiting in Koel"
}
GHSA-R44J-CRV5-Q35M
Vulnerability from github – Published: 2024-12-15 12:30 – Updated: 2025-08-05 18:30Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0.
{
"affected": [],
"aliases": [
"CVE-2024-7701"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-15T11:15:05Z",
"severity": "MODERATE"
},
"details": "Use of Password Hash With Insufficient Computational Effort vulnerability in percona percona-toolkit allows Encryption Brute Forcing.This issue affects percona-toolkit: 3.6.0.",
"id": "GHSA-r44j-crv5-q35m",
"modified": "2025-08-05T18:30:37Z",
"published": "2024-12-15T12:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7701"
},
{
"type": "WEB",
"url": "https://github.com/percona/percona-toolkit/blob/aa1ac0e6889168fddf73c3a72d447e9ea0c0c63b/src/go/pt-secure-collect/encrypt.go#L17"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R75M-26CQ-MJXC
Vulnerability from github – Published: 2024-03-28 17:53 – Updated: 2024-03-28 17:53Description
Improved security for stored password hashes
Serverpod now uses the OWASP, source, recommended Argon2Id password hash algorithm to store password hashes for the email authentication module.
Starting from Serverpod 1.2.6 all users that either creates an account or authenticates with the server will have their password stored using the safer algorithm. No changes are required from the developer to start storing passwords using the safer algorithm.
Why did we change how passwords are stored?
An issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised.
It is strongly recommended to migrate your existing password hashes.
Migrate existing password hashes
The email authentication module provides a helper method to migrate all the existing legacy password hashes in the database. Simply call Emails.migrateLegacyPasswordHashes(...) with a session instance as an argument to migrate the password hashes.
The method is implemented as an idempotent operation and will yield the same result regardless of how many times it is called.
We recommend either implementing a web server route that can be called remotely or by calling the method as part of starting the server.
Following is example code for implementing a web server route.
Web server route code
import 'dart:io';
import 'package:serverpod/serverpod.dart';
import 'package:serverpod_auth_server/module.dart' as auth;
class MigratePasswordsRoute extends Route {
@override
Future<bool> handleCall(Session session, HttpRequest request) async {
request.response.writeln(
'Migrating legacy passwords, check the server logs for progress updates.',
);
_migratePasswords(session);
return true;
}
}
Future<void> _migratePasswords(Session session) async {
session.log('Starting to migrate passwords.');
var totalMigratedPasswords = 0;
while (true) {
try {
var entriesMigrated = await auth.Emails.migrateLegacyPasswordHashes(
session,
// Process 100 database entries at a time
batchSize: 100,
// Stop after 500 entries have been migrated
maxMigratedEntries: 500,
);
totalMigratedPasswords += entriesMigrated;
session.log(
'Migrated $entriesMigrated password entries, total $totalMigratedPasswords.',
);
if (entriesMigrated == 0) break;
// Delay to avoid overloading the database
await Future.delayed(Duration(seconds: 1));
} catch (e) {
session.log('Error migrating passwords: $e');
}
}
session.log('Finished migrating passwords.');
}
How we migrate existing password hashes
Since password hashes can’t be recalculated without knowledge of the plain text password, the method in the email authentication module applies the new algorithm to the already stored password hashes.
When the affected users later authenticate, their password hash will be calculated using both algorithms in tandem. If the authentication is accepted, the stored password hash will be updated to only use the new algorithm so that further authentication only needs to run the new algorithm.
Impact
All versions of serverpod_auth_server pre 1.2.6
Patches
Upgrading to version 1.2.6 resolves this issue.
{
"affected": [
{
"package": {
"ecosystem": "Pub",
"name": "serverpod_auth_server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-29886"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": true,
"github_reviewed_at": "2024-03-28T17:53:42Z",
"nvd_published_at": "2024-03-27T19:15:49Z",
"severity": "MODERATE"
},
"details": "## Description\n\n### Improved security for stored password hashes\nServerpod now uses the OWASP, [source](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#introduction), recommended Argon2Id password hash algorithm to store password hashes for the email authentication module.\n\nStarting from Serverpod `1.2.6` all users that either creates an account or authenticates with the server will have their password stored using the safer algorithm. No changes are required from the developer to start storing passwords using the safer algorithm.\n\n### Why did we change how passwords are stored?\nAn issue was identified with the old password hash algorithm that made it susceptible to rainbow attacks if the database was compromised.\n\nIt is strongly recommended to migrate your existing password hashes.\n\n### Migrate existing password hashes\nThe email authentication module provides a helper method to migrate all the existing legacy password hashes in the database. Simply call `Emails.migrateLegacyPasswordHashes(...)` with a session instance as an argument to migrate the password hashes.\n\nThe method is implemented as an idempotent operation and will yield the same result regardless of how many times it is called.\n\nWe recommend either implementing a web server route that can be called remotely or by calling the method as part of starting the server.\n\nFollowing is example code for implementing a web server route.\n\n\u003cdetails\u003e\u003csummary\u003e\u003ch4\u003eWeb server route code\u003c/h4\u003e\u003c/summary\u003e\n\n```dart\nimport \u0027dart:io\u0027;\n\nimport \u0027package:serverpod/serverpod.dart\u0027;\nimport \u0027package:serverpod_auth_server/module.dart\u0027 as auth;\n\nclass MigratePasswordsRoute extends Route {\n @override\n Future\u003cbool\u003e handleCall(Session session, HttpRequest request) async {\n request.response.writeln(\n \u0027Migrating legacy passwords, check the server logs for progress updates.\u0027,\n );\n _migratePasswords(session);\n return true;\n }\n}\n\nFuture\u003cvoid\u003e _migratePasswords(Session session) async {\n session.log(\u0027Starting to migrate passwords.\u0027);\n\n var totalMigratedPasswords = 0;\n while (true) {\n try {\n var entriesMigrated = await auth.Emails.migrateLegacyPasswordHashes(\n session,\n // Process 100 database entries at a time\n batchSize: 100,\n // Stop after 500 entries have been migrated\n maxMigratedEntries: 500,\n );\n\n totalMigratedPasswords += entriesMigrated;\n session.log(\n \u0027Migrated $entriesMigrated password entries, total $totalMigratedPasswords.\u0027,\n );\n\n if (entriesMigrated == 0) break;\n\n // Delay to avoid overloading the database\n await Future.delayed(Duration(seconds: 1));\n } catch (e) {\n session.log(\u0027Error migrating passwords: $e\u0027);\n }\n }\n\n session.log(\u0027Finished migrating passwords.\u0027);\n}\n```\n\n\u003c/details\u003e\n\n### How we migrate existing password hashes\nSince password hashes can\u2019t be recalculated without knowledge of the plain text password, the method in the email authentication module applies the new algorithm to the already stored password hashes.\n\nWhen the affected users later authenticate, their password hash will be calculated using both algorithms in tandem. If the authentication is accepted, the stored password hash will be updated to only use the new algorithm so that further authentication only needs to run the new algorithm.\n\n### Impact\nAll versions of `serverpod_auth_server` pre `1.2.6`\n\n### Patches\nUpgrading to version `1.2.6` resolves this issue.\n",
"id": "GHSA-r75m-26cq-mjxc",
"modified": "2024-03-28T17:53:42Z",
"published": "2024-03-28T17:53:42Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/serverpod/serverpod/security/advisories/GHSA-r75m-26cq-mjxc"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29886"
},
{
"type": "WEB",
"url": "https://github.com/serverpod/serverpod/commit/a78b9e9f1de74d1300633a122b6cc0f064139ad6"
},
{
"type": "PACKAGE",
"url": "https://github.com/serverpod/serverpod"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Serverpod improved security for stored password hashes"
}
GHSA-R8G7-CPMM-QMHP
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes.
{
"affected": [],
"aliases": [
"CVE-2017-3962"
],
"database_specific": {
"cwe_ids": [
"CWE-916"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-12T14:29:00Z",
"severity": "CRITICAL"
},
"details": "Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes.",
"id": "GHSA-r8g7-cpmm-qmhp",
"modified": "2022-05-13T01:36:40Z",
"published": "2022-05-13T01:36:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3962"
},
{
"type": "WEB",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10192"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-51
- Use an adaptive hash function that can be configured to change the amount of computational effort needed to compute the hash, such as the number of iterations ("stretching") or the amount of memory required. Some hash functions perform salting automatically. These functions can significantly increase the overhead for a brute force attack compared to intentionally-fast functions such as MD5. For example, rainbow table attacks can become infeasible due to the high computing overhead. Finally, since computing power gets faster and cheaper over time, the technique can be reconfigured to increase the workload without forcing an entire replacement of the algorithm in use.
- Some hash functions that have one or more of these desired properties include bcrypt [REF-291], scrypt [REF-292], and PBKDF2 [REF-293]. While there is active debate about which of these is the most effective, they are all stronger than using salts with hash functions with very little computing overhead.
- Note that using these functions can have an impact on performance, so they require special consideration to avoid denial-of-service attacks. However, their configurability provides finer control over how much CPU and memory is used, so it could be adjusted to suit the environment's needs.
Mitigation MIT-25
When using industry-approved techniques, use them correctly. Don't cut corners by skipping resource-intensive steps (CWE-325). These steps are often essential for preventing common attacks.
CAPEC-55: Rainbow Table Password Cracking
An attacker gets access to the database table where hashes of passwords are stored. They then use a rainbow table of pre-computed hash chains to attempt to look up the original password. Once the original password corresponding to the hash is obtained, the attacker uses the original password to gain access to the system.