One of the biggest hassles you can have with a pay site is a cracker downloading your whole password list and cracking it. The cracker may then post all or most of your users' passwords on password sites. If you've found that more than about a third of your paid members have suddenly had their passwords compromised, your password file was probably already ripped. This is fairly easy for an attacker to do if you let your users choose their own passwords, since they'll often choose easy passwords based on English words such as "password", "access", or "radio". The cracker simply tries each word in the dictionary and breaks these types of passwords. If you think your password file has already been ripped, or would like to take some general steps to improve your server security, see our page about what to do if you've already been ripped. If not, stronger encryption can help ensure that your password file never gets ripped.
This little script will generate stronger passwords (not English words) that are still relatively easy for the user to remember. If you let a cracker download and crack your entire password list, something like the Strongbox security system™ or a similar system will simply do its job and block all of those compromised passwords, which would leave legitimate users without access. For best security you want to first secure your password list so that a cracker can't simply download your whole membership list and post it on a password site or wherever, THEN have the Strongbox security system™ watching for any individual passwords that get compromised somehow.
Having your whole member list cracked is kind of like having your hard drive totally fail in that people don't think about it too much because it doesn't happen every day, but when it does happen it's a BIG problem. Also like a hard drive failure, it's fairly likely that eventually it will happen to you if you don't take steps to prevent it.
If you are using an old-fashioned .htpasswd file that's only encrypted with the most common method, an algorithm called DES, that protection is next to worthless. If those DES-encrypted passwords are based on English words, which they normally are if you let your users choose their own passwords, a cracker can recover many of those passwords within seconds. You'll want to secure your passwords better than that.
First, how to know if this is a problem for you:
1) If you let users choose their own passwords, you have a problem.
2) If your database or password file has the passwords in it in clear text, you have a problem.
3) If each line of your password file has the user name, a colon, then 13 characters, you have a problem.
4) If any of 1-3 applies to you and you run PHP scripts, you probably have a bigger problem.
PHP scripts make the problem worse because most of them, including most of the most popular ones, include a security hole that will let the attacker download your password list or database. So especially if you use PHP you'll want to be sure your password list is not easily cracked.
DES encryption, used in most .htpasswd files, is no longer effective. I've run a cracker program against some customers' password lists and indeed I was able to crack many passwords in seconds. Part of the reason it's so weak is that it only uses the first 8 characters of the password. With user-chosen passwords the first 8 characters are often found in a cracker's dictionary because users choose passwords based on English words.
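The four checks above can be run mechanically against a .htpasswd file. The script below is an added example, not the page's or the vendor's code: it classifies each stored password field by its format (the 13-character traditional DES crypt form the list warns about, Apache's salted MD5 and {SHA} forms, the Linux crypt forms, or no hash at all) and reports which users are stored weakly. The sample file and its hash values are constructed for the demonstration.

```python
"""Audit the hash formats used in an Apache-style .htpasswd file.

Constructed example, not the page's or the vendor's code. Finds the entries a
cracker would go after first: traditional DES crypt and plain text.
"""
import re

# Traditional crypt(3) output: 2-char salt + 11 chars, all from this alphabet.
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")
# Apache's {SHA} format: base64 of a raw 20-byte SHA-1 digest (28 chars).
APACHE_SHA1 = re.compile(r"^\{SHA\}[A-Za-z0-9+/]{27}=$")

# scheme name -> (human description, considered weak?)
SCHEMES = {
    "apr1-md5":  ("Apache salted MD5 ($apr1$)", False),
    "md5-crypt": ("Linux md5crypt ($1$)", False),
    "sha-crypt": ("sha256/sha512 crypt ($5$/$6$)", False),
    "bcrypt":    ("bcrypt ($2a$/$2b$/$2y$)", False),
    "sha1":      ("unsalted SHA-1 ({SHA})", False),
    "des-crypt": ("traditional DES crypt, 13 chars, only first 8 password chars count", True),
    "plaintext": ("no hash at all", True),
}


def classify_hash(stored: str) -> str:
    """Return the scheme name for one stored password field."""
    if stored.startswith("$apr1$"):
        return "apr1-md5"
    if stored.startswith("$1$"):
        return "md5-crypt"
    if stored.startswith(("$5$", "$6$")):
        return "sha-crypt"
    if stored.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"
    if APACHE_SHA1.match(stored):
        return "sha1"
    if DES_CRYPT.match(stored):
        return "des-crypt"
    return "plaintext"


def audit_htpasswd(text: str) -> list:
    """Parse user:hash lines; return [(user, scheme, weak?)], skipping blanks and comments."""
    results = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, _, stored = line.partition(":")
        scheme = classify_hash(stored)
        results.append((user, scheme, SCHEMES[scheme][1]))
    return results


def weak_users(text: str) -> list:
    """Names of users whose entries should be re-hashed before anything else."""
    return [user for user, _, weak in audit_htpasswd(text) if weak]


# Constructed sample file; hash values are illustrative, not real accounts.
SAMPLE = """\
# members
alice:abJnggxhB/yWI
bob:$apr1$Zy9kUj3a$1kCk2G4RJ4SgnXJrlOj0K1
carol:{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
dave:letmein
"""

if __name__ == "__main__":
    for user, scheme, weak in audit_htpasswd(SAMPLE):
        print(f"{'WEAK' if weak else 'ok  '} {user:8} {SCHEMES[scheme][0]}")
```

One caveat: a clear-text password that happens to be exactly 13 characters from the crypt alphabet is indistinguishable from a DES hash by format alone, so either way the entry lands in the weak column, which is the right outcome.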
You can use the much stronger salted MD5 algorithm for your .htpasswd file by having your processor's password-adding script slightly modified. Some people use a SHA1 hash or a plain unsalted MD5 hash rather than a salted MD5 hash, and that's fine, but there is an advantage to SHA1 over plain MD5 and even more advantages to salted MD5.

Apache natively supports both standard SHA1 and salted MD5 hashes in .htpasswd, so you can use stronger encryption without requiring the Strongbox security system™ or another script-based authentication system, in case you need to run your site without Strongbox for a while, or another system besides Strongbox also needs to authenticate against the file. Apache can't use plain MD5 hashes in a file, at least not without the help of the Strongbox security system™. :)

Salted MD5 is much more secure than a plain SHA1 or MD5 hash and is compatible with standard Linux and, by extension, most CGI or PHP based authentication systems, including the Strongbox security system™. Most processors' scripts will need a small modification in order to use salted MD5, a service we provide for just $30.
Almost any processor's script can be fairly easily modified to use stronger SHA1 or salted MD5 encryption for the password file. We have these scripts on hand for CCBill and some other popular processors. Most can also be fairly easily modified to use a MySQL database instead of a password file. You can then use the Strongbox security system™ to read those passwords or install mod_auth_mysql. Do NOT put clear text, unencrypted passwords in a MySQL database. Some of the well-known user management scripts do exactly that, so if you're thinking about using a user management or affiliate type script, speak to us first. Unencrypted plain text passwords in your database are an invitation to a cracker to make your life miserable.
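What the "small modification" to a processor's script amounts to is writing the two formats Apache reads natively. The block below is an added example, not the vendor's script or Apache's code: it re-implements Apache's salted MD5 ($apr1$) algorithm from apr_md5.c in Python, produces the {SHA} form as well, and verifies a password against a stored entry the way a CGI or PHP login script would. The usernames and passwords in the demo are constructed.

```python
"""Produce and check .htpasswd entries in the two formats Apache reads natively:
salted MD5 ($apr1$) and unsalted SHA-1 ({SHA}).

Added example, not the page's or Apache's code. apr1_md5() follows the
apr_md5_encode routine in Apache's apr_md5.c step for step.
"""
import base64
import hashlib
import hmac
import secrets

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
APR1_MAGIC = b"$apr1$"


def _to64(value: int, n: int) -> str:
    """crypt-style base-64: n characters, least significant 6 bits first."""
    out = []
    for _ in range(n):
        out.append(ITOA64[value & 0x3F])
        value >>= 6
    return "".join(out)


def apr1_md5(password: str, salt: str) -> str:
    """Apache salted MD5. The salt is at most 8 chars drawn from ITOA64."""
    pw = password.encode()
    salt_b = salt[:8].encode()
    ctx = hashlib.md5(pw + APR1_MAGIC + salt_b)
    alt = hashlib.md5(pw + salt_b + pw).digest()
    remaining = len(pw)
    while remaining > 0:
        ctx.update(alt[:min(remaining, 16)])
        remaining -= 16
    i = len(pw)
    while i:
        ctx.update(b"\0" if i & 1 else pw[:1])
        i >>= 1
    final = ctx.digest()
    for i in range(1000):  # stretching loop, exactly as apr_md5.c does it
        h = hashlib.md5()
        h.update(pw if i & 1 else final)
        if i % 3:
            h.update(salt_b)
        if i % 7:
            h.update(pw)
        h.update(final if i & 1 else pw)
        final = h.digest()
    out = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        out += _to64((final[a] << 16) | (final[b] << 8) | final[c], 4)
    out += _to64(final[11], 2)
    return "$apr1$" + salt_b.decode() + "$" + out


def apache_sha1(password: str) -> str:
    """Apache's {SHA} format: base64 of the raw SHA-1 digest, no salt."""
    digest = hashlib.sha1(password.encode()).digest()
    return "{SHA}" + base64.b64encode(digest).decode()


def new_salt(n: int = 8) -> str:
    """Fresh random salt from a CSPRNG; one per user, never reused."""
    return "".join(secrets.choice(ITOA64) for _ in range(n))


def htpasswd_line(user: str, password: str, scheme: str = "apr1") -> str:
    """The line a processor's add-user script should append to .htpasswd."""
    if scheme == "apr1":
        return f"{user}:{apr1_md5(password, new_salt())}"
    if scheme == "sha1":
        return f"{user}:{apache_sha1(password)}"
    raise ValueError(f"unknown scheme {scheme!r}")


def verify(password: str, stored: str) -> bool:
    """Recompute from the stored salt and compare in constant time."""
    if stored.startswith("$apr1$"):
        candidate = apr1_md5(password, stored.split("$")[2])
    elif stored.startswith("{SHA}"):
        candidate = apache_sha1(password)
    else:
        return False  # unknown or clear-text entry: refuse rather than guess
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    line = htpasswd_line("alice", "frucsphin")  # constructed user and password
    print(line)
    print("login ok:", verify("frucsphin", line.split(":", 1)[1]))
```

Because the salt is stored in the entry itself, any system that can parse the `$apr1$salt$hash` layout can authenticate against the same file, which is the compatibility point made above; the {SHA} form needs no salt handling at all but gives every user with the same password the same hash.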
Now that you've fixed up your encryption, you also need to have reasonably strong passwords. Contrary to popular belief, using punctuation marks in passwords doesn't improve security much at all. (Count the bits.) Allowing certain punctuation marks does, however, make you vulnerable to code injection attacks. One of the best ways to make passwords strong is to make sure that they are not plain English words or based on English words and to make them reasonably long. That means you can't let users choose their own passwords, or else you need a very good password checking script to make sure they don't pick weak ones. Does that mean you have to set CCBill to create those ugly random passwords like J8*Ul7^ag% that no one can remember? No! Not anymore. CCBill will let you upload a large list of user/pass pairs that it will assign to users. The ideal password is reasonably long (8-14 characters), not based on a dictionary word, and yet easy enough to remember. Note the phrase "based on a dictionary word". pissoff1 will get cracked quickly. We've written a script that produces nearly ideal passwords. They are somewhat pronounceable and therefore easier to remember than "J8*Ul7^ag%", yet they are long enough and not based on English words. Some user names and passwords generated by our script:
Standard mode: stifftern buffmudha sexweepri spitskido pantygenc lymphricb frucsphin plumurate
Short mode: shirre darmet claved triven peasev muntch flacha gloser
"plumurate", "pantygenc", or "frucsphin" won't be found in a hacker's dictionary, yet can be pronounced and therefore remembered more easily than a random string of characters.
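The generator below is an added example in the spirit of the tool described above; it is not the vendor's script and its syllable tables and stop list are constructed. It builds passwords from onset+vowel+coda syllables so they stay pronounceable, throws away any candidate containing a word from a dictionary stop list (the "based on a dictionary word" failure the text warns about), keeps them within the 8-14 character range, and reports how many bits each one actually carries so you can count the bits rather than guess.

```python
"""Pronounceable, non-dictionary password generator with an honest bit count.

Added example, not the page's tool. Syllable tables and the stop list are
constructed; a real deployment would load a full cracking dictionary.
"""
import math
import random
import secrets

ONSETS = ["b", "bl", "br", "ch", "cl", "cr", "d", "dr", "f", "fl", "fr", "g",
          "gl", "gr", "h", "j", "k", "l", "m", "n", "p", "pl", "pr", "r", "s",
          "sh", "sk", "sl", "sm", "sn", "sp", "st", "t", "th", "tr", "v", "w"]
VOWELS = ["a", "e", "i", "o", "u", "ai", "ea", "ee", "oo", "ou"]
CODAS = ["", "n", "m", "r", "l", "s", "t", "d", "ck", "nt", "ng", "st", "rd", "mp"]

# Constructed stop list standing in for a real cracking dictionary.
BANNED = {"pass", "word", "love", "free", "user", "test", "admin", "radio"}

# Each syllable is one uniform pick from |ONSETS| x |VOWELS| x |CODAS| combos.
BITS_PER_SYLLABLE = math.log2(len(ONSETS) * len(VOWELS) * len(CODAS))


def syllable(rng) -> str:
    return rng.choice(ONSETS) + rng.choice(VOWELS) + rng.choice(CODAS)


def contains_banned(word: str, banned=BANNED) -> bool:
    """True if any stop-list word appears anywhere inside the candidate."""
    return any(b in word for b in banned)


def generate_password(rng=None, min_len=8, max_len=14, banned=BANNED):
    """Return (password, approximate_bits); rng defaults to a CSPRNG.

    The bit estimate is an upper bound: rejecting over-long or dictionary-like
    candidates removes a little entropy, but it is the right order of magnitude.
    """
    rng = rng or secrets.SystemRandom()
    for _ in range(10_000):
        parts = []
        while len("".join(parts)) < min_len:
            parts.append(syllable(rng))
        pw = "".join(parts)
        if len(pw) > max_len or contains_banned(pw, banned):
            continue  # too long, or it looks like a dictionary word: try again
        return pw, len(parts) * BITS_PER_SYLLABLE
    raise RuntimeError("could not build a password within the limits")


def generate_pairs(n: int, rng=None) -> list:
    """user/pass pairs, the shape of list a processor accepts for upload."""
    return [(generate_password(rng)[0], generate_password(rng)[0]) for _ in range(n)]


if __name__ == "__main__":
    print("Standard mode:")
    for pw, bits in (generate_password() for _ in range(4)):
        print(f"  {pw:14} ~{bits:.0f} bits")
    print("Short mode:")
    for pw, bits in (generate_password(min_len=6, max_len=7) for _ in range(4)):
        print(f"  {pw:14} ~{bits:.0f} bits")
```

Passing a seeded `random.Random` is only for reproducible testing; the default `secrets.SystemRandom()` is what should generate passwords that get handed to users. The printed bit count is the part worth paying attention to: a three-syllable password from these tables is roughly 37 bits, far above an English word but well short of a 10-character random string, which is the trade that pronounceability buys.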
After downloading the password list our tool generates, you can follow these instructions to upload the list to CCBill, if you use them.