Given the above, is this still a bad idea?

I'd like to use a V4 UUID / GUID for authenticating users. To be specific, the user would have to paste the UUID into a text field to gain access to their account. The UUID would be given to them at the time of registration. The UUID would be combined with a username (public) when authing.

Assume normal security practices are in place (SSL, DB holding the UUIDs is encrypted at rest, guards against brute force attacks, UUID would not be passed in a URL, etc). Assume that the application isn't for anything extremely important (banking) but is still fairly important (pretend it is domain names, for the sake of argument). Don't worry about the usability issues that the user might have.

- Given the above, is this still a bad idea?
- Do you think this is less secure than username / pass?
- Would slamming two UUIDs together be more secure?

My goal here is to not be storing personal data of any kind (email / pass). My hope is that this is a viable alternative.

UUIDs do not generally guarantee unpredictability or any security properties. As RFC 4122 says (section 6):

Do not assume that UUIDs are hard to guess; they should not be used as security capabilities (identifiers whose mere possession grants access), for example. A predictable random number source will exacerbate the situation.

What you require here is a cryptographically secure random number generator. Some UUID implementations are driven off such RNGs, but that's an implementation choice, not a guarantee. The ITU standard explicitly says that the use of cryptographic random numbers is recommended, which clearly implies it's not a requirement (p.

The use of cryptographic-quality random numbers is strongly recommended in order to reduce the probability of repeated values.

And it turns out that some UUID implementations are not secure. For example, at least some versions of Google's V8 JavaScript engine use a non-cryptographic PRNG for random UUID generation. The link describes how to attack such UUIDs - with a couple of lines of code, an attacker who sees one such UUID can reconstruct the PRNG's state when it output that UUID, which allows them to predict all subsequent UUIDs.

So I would not use UUIDs as cryptographic secrets - I'd interface directly with the cryptographic RNG, at least to make the intent of the code evident.

The bigger problem is that your users wouldn't be able to remember such tokens; they'd have to store them somewhere secure, and you'd be providing no assistance for so doing. The unobvious but actually very natural alternative here is to use a multi-factor authentication system based on passwords and secret keys, like TOTP. For example, if you build an integration with Google Authenticator or Authy, your users get the benefit of those vendors' user-side apps to store and manage the shared secret key.

You're just describing a scheme where the UUID simply becomes a password. There's nothing especially secure or insecure about this, aside from no person ever being able to pick a "weak" password, but on the other hand, half of the people are going to store their password unencrypted. I don't really see why you'd do this to people. You're not going to make yourself very popular by denying amateurs the chance to pick a password they can remember nor experts the chance to generate one they deem secure themselves.

Also, I personally think individual bank account passwords are worth way less (considering banks have been 2-factoring wire transfers, at least in Europe, for more than 25 years now with transaction ID one time pads) than domain control (I can hardly ruin someone's business by looking at his bank account unless I plan to use it to mess with him based on other info, but I can easily ruin him by rerouting all his email through my servers by manipulating the MX record of their domain, and selectively letting through CEO mail and answering in their place. Oh, and you know, if they have an online business, actually abuse their web presence to the fullest extent).