Password formula

Status
Not open for further replies.
The passwords are stored in the xf_user_authenticate table in the database. See this file for the auth code:

library/XenForo/Authentication/Core.php

XenForo uses a salted double hash using either SHA1 OR SHA256:

sha1(sha1(password) . salt)

or:

sha256(sha256(password) . salt)
 
Hello, everyone. Sorry to necro an old thread, but I've been reading into crypto lately as my line of work in software development calls for me to know it better than what I currently do.

So I've got to ask: are we just using hashing algorithms, or are we using bcrypt or scrypt to store passwords?

Thanks.
 
Hi,

Sorry to necro this thread a second time but nothing newer seems to be available. I'm wondering if there's a way to use better versions of SHA or other algorithms. Can we "upgrade" to SHA-512 or even SHA-512/256?

Also, if we've migrated a DB over from vB, is there a way to force a rehash of all passwords or is it best to simply force a password reset and make sure SHA-256 is toggled?

We'd appreciate any help or insight on this matter :)

Cheers
 
The passwords are stored in the xf_user_authenticate table in the database. See this file for the auth code:

library/XenForo/Authentication/Core.php

XenForo uses a salted double hash using either SHA1 OR SHA256:

sha1(sha1(password) . salt)

or:

sha256(sha256(password) . salt)
Does that mean:

sha256(sha256(password) + globalxenforosalt) M
 
Does that mean:

sha256(sha256(password) + globalxenforosalt) M

The salt is per-user.

Also XF has since moved on to bcrypt which means that the hashed password contains the salt within the string.

Hi,

Sorry to necro this thread a second time but nothing newer seems to be available. I'm wondering if there's a way to use better versions of SHA or other algorithms. Can we "upgrade" to SHA-512 or even SHA-512/256?

Also, if we've migrated a DB over from vB, is there a way to force a rehash of all passwords or is it best to simply force a password reset and make sure SHA-256 is toggled?

We'd appreciate any help or insight on this matter :)

Cheers

There's not much point in using a "better" SHA version except increasing wait times. SHA-256 is plenty strong. However SHA (and MD5) are generic hashing algorithms while bcrypt/argon2 is specifically designed for password hashing (easy to verify, hard to brute force). You should always use bcrypt/argon2 in new passwords.

For old passwords you have two options:
1. Wait for the user to re-login; XF will re-hash the password to a more secure algorithm automatically.
2. Require everybody to reset everybody's passwords.

Option 1 is much less invasive and is preferred unless your threat model justifies the inconvenience.
 
Last edited:
The salt is per-user.

Also XF has since moved on to bcrypt which means that the hashed password contains the salt within the string.



There's not much point in using a "better" SHA version except increasing wait times. SHA-256 is plenty strong. However SHA (and MD5) are generic hashing algorithms while bcrypt/argon2 is specifically designed for password hashing (easy to verify, hard to brute force). You should always use bcrypt/argon2 in new passwords.

For old passwords you have two options:
1. Wait for the user to re-login; XF will re-hash the password to a more secure algorithm automatically.
2. Require everybody to reset everybody's passwords.

Option 1 is much less invasive and is preferred unless your threat model justifies the inconvenience.
https://xenforo.com/community/threads/xenforo-password-blob-to-sha256.145231/post-1238284
 
Status
Not open for further replies.
Top Bottom