




I am making a program in C that allows the user to register and login. When the user registers I want to save his username and password in a file.

As I understood it, the best way of doing so is adding a random salt to the end of the password and then store a secure hash (SHA-1 for example) of the salted password.

My question is: If I locally store the username, hash and salt in the text file, what prevents an attacker from just changing the hash and salt in the file to his own SHA-1 hash with his own salt and then log in using his new password?



It depends on whether the attacker has only access to this password file, or if he has access to the executable as well. In the latter case you can only make it harder to exchange the hashes, but you cannot entirely prevent it.

对于第一种情况,可以使用 HMAC 来验证存储的哈希:

For the first case, on can use a HMAC to verify the stored hash:

  1. 您的应用程序将包含一个秘密强密钥,并使用此密钥来计算哈希的HMAC.
  2. 此HMAC可以与密码哈希一起存储在文件中.
  3. 在读取哈希以进行验证时,该软件会再次计算HMAC,并将其与存储的哈希进行比较.


An attacker won't be able to produce the correct HMAC for his own hashes, as long as he doesn't know the secret key in your application. So what we gain is, that the password file cannot be altered but by your application, the security is concentrated into the key of your application. The same can be achieved with encrypting/decrypting the password file.


P.S. Please do not use SHA- to store passwords, instead use a hash function with a cost factor like BCrypt, PBKDF2 or SCrypt.*


08-26 07:06