There is a common consensus that security is a real issue on the internet. It is true the net is not secure by any means of the word. How much personal information should you put out there and what happens to it after it’s out there. How is it stored? Who’s is it really? After pondering the concerns of security on the net and how to store user information I posted the question on Stackoverflow just to get some impressions. The concept I have been concerned with is that the faster computers get the faster and easier it is to crack encryption algorithms. Thus leading to a more complex algorithm ultimately to be cracked and the cycle continues.
The idea that I am proposing is a completely different way to think about the security of a users information and how they access this information. If you think about logging into any web site you most likely have to have a username and password. Something that just about every ecommerce site has. The consensus that the password is the sensitive part. the password should be encrypted in some fashion. It really doesn’t matter the process you use to encrypt but the best would be a one way encryption. Usually the username and password are stored in the same database and even in the same table within the database. So in essence if an attacker wanted to attack the database and should happen to get to the information in the database they have both the username and the password to the accounts. Really the only thing left to do is to decrypt the password and they are good to go. The way the username is viewed is as a public key and all you need is the password to enter the site. This is the way that the database is designed to be and the way the hackers want the information.
When you store data on your home computer every expert will tell you to back up the data and really keep it some where other than your house. Either you store it in the cloud, on a DVD, an external hard drive just anywhere other than your home. The reason is that if something should happen to your home, fire or flood, then you have your data somewhere safe. In essence you have the data in two places. This is the concept I am concerned with.
Consider this concept. Lets call the username a key and the password a second key. Really this is what they are. When you log into a site you need to have both to get in. It is like having a dead bolt and the regular door nob lock on your house door. Granted you can have both keyed to use the same key, but what if you didn’t. Then you would need to have two separate keys to get into your house. If you only had one and both locks are locked well then you are out of luck. Better yet if some one took one key then you have the second as a “backup” to prevent the would be thief from just walking right into your house. This is the same idea I proposing when storing usernames and passwords.
If you store the username in one database table and the password in a second database table and really you should keep them in two completely different databases. Each database should be secured by a different username and password itself. You will need some sort of cross relationship to tie the username to the password, but this could be minimal or as complex as you want.
The benefits of keeping the two separate databases should be obvious by now. First if an attacker gets to a database and it really doesn’t matter which one they will need to get to the second one in-order to access anything. Now in reality you should still encrypt the password, or username, or both. Also you should only verify the the username and password and not return them to the application. Treat them like the keys they are. You wouldn’t leave your keys out in the street for anyone to pick up and use. Treat both the username and password with the same level of security.
I use the analogy of a gun and bullets. The most secure way to store a firearm is to keep the gun and the ammunition separate. This way if a would be intruder get to the gun they do not have the bullets rendering the firearm useless and visa versa. Keeping these two together even if they are locked up in a safe is the same as keeping your username and passwords in the same database.
Ok so for all the security experts out there, please realize that this is only a concept that I came up with and I’m putting it out there for others to consider. I am open to discussion please post a comment with your thoughts.