-
Improvement
-
Resolution: Fixed
-
Major
-
4.3
-
MOODLE_403_STABLE
-
MOODLE_403_STABLE
-
master_
MDL-67774 -
-
6
-
Team Hedgehog 2023 Review 2, Team Hedgehog 2023 Sprint 3.1, Team Hedgehog 2023 Sprint 3.2
NIST guidelines from 2017 recommend a pepper as well as a salt, see:
https://en.wikipedia.org/wiki/Pepper_(cryptography)
Roughly, a pepper is a component of the salt, but stored separately and in this case would be in config.php. By splitting them it means that if the db is compromised the partial hashes are useless.
Unlike a salt, the pepper is not unique and would be shared for all users, and must be kept secret.
I would also want a simple method to allow multiple peppers so they can be rotated like:
$CFG->passwordpeppers = [
|
'2019' => 'blahsecret45678', |
'2018' => 'blahsecret12345', |
];
|
Whenever we confirm hashes we'll check against all peppers but upgrade it to the latest one which is first in the list.
The pepper needs to have a decent amount of entropy so I'd throw a config exception if the primary pepper is too short, min 112 bits of entropy, so the pepper itself cannot be easily brute forced if you have a known password + hash combo.