I'm an intern at a small startup and I'm working solo on an application that interacts with another existing service. The credentials I use in my app are the same as those in this service, which doesn't have its own authentication system. I utilize a Python module to log users in by calling `BService.loginUser(username, password)`, requiring me to store the passwords in a way that they can be retrieved cleanly. I'm uncertain about the risks of only encrypting the passwords without hashing them, and I'm considering prompting users to re-enter their passwords when reconnecting. What are some secure alternatives?
6 Answers
If you're finding ways to make the bare minimum security even less secure, that's a red flag! How often will users need to log back into Service B? If you can’t set up a token or use a central authority, then you're stuck with asking for the password again—just be sure to say it's for their security. With the right wording, you can soften the annoyance of reauthenticating.
You shouldn't store passwords at all if possible. Ideally, `BService` should have an OAuth endpoint. This would eliminate the need for storing raw passwords and make your app much safer.
Never store passwords in such a way that they can be decrypted. Instead, prompt users for their password when necessary. Although you could encrypt it, if your server is ever compromised, it could still be decrypted. Using session tokens is the way to go if `B` supports that option, as it's much safer than storing raw passwords.
It's a big mistake to store passwords in a reversible format. Instead, consider using OAuth or a centralized authentication method like LDAP or Active Directory. Definitely avoid ever storing passwords in a way that they can be easily retrieved.
You don’t need to store passwords to get around session timeouts! Respect the session rules set by Service B. If there's a refresh token, use that instead. If the session times out, users should be required to log in again; that's just part of maintaining security.
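The pattern the answers above (cache B's session rather than the password, and re-prompt when it expires) translates into something like the following. This is an added illustration, not code from the asker or from `BService`; `FakeBService`, its `loginUser` return shape, and the injectable clock are assumptions standing in for whatever the real module provides.

```python
import time
from dataclasses import dataclass
from typing import Callable, Optional


class FakeBService:
    """Stand-in for the real BService module (assumed shape): loginUser returns a
    short-lived session token, or None on a bad password."""

    def __init__(self, ttl_seconds: float, clock: Callable[[], float] = time.time):
        self.ttl = ttl_seconds
        self.clock = clock
        self.calls = 0  # how many times the user had to present a password

    def loginUser(self, username: str, password: str) -> Optional[dict]:
        self.calls += 1
        if password != "correct horse":  # constructed credential check
            return None
        return {"token": f"tok-{username}-{self.calls}",
                "expires_at": self.clock() + self.ttl}


@dataclass
class Session:
    token: str
    expires_at: float


class SessionCache:
    """Keeps only B's session token per user; the password is never persisted."""

    def __init__(self, service, clock: Callable[[], float] = time.time):
        self.service = service
        self.clock = clock
        self._sessions: dict[str, Session] = {}

    def login(self, username: str, password: str) -> bool:
        result = self.service.loginUser(username, password)
        del password  # nothing below needs it, so it is not kept anywhere
        if result is None:
            return False
        self._sessions[username] = Session(result["token"], result["expires_at"])
        return True

    def token_for(self, username: str) -> Optional[str]:
        """Return a still-valid token, or None so the caller re-prompts for the password."""
        s = self._sessions.get(username)
        if s is None or s.expires_at <= self.clock():
            self._sessions.pop(username, None)  # drop expired entries eagerly
            return None
        return s.token
```

When `token_for` returns `None`, the application asks the user to log in again instead of replaying a stored password; a refresh token from B, if one exists, would slot in at that point.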
Wow, what a situation! Storing raw passwords is not the solution. Seek out a library that can hash passwords securely. At login, check the hashed version of what users enter against your stored hash. Use session variables or cookies to maintain the login state without storing passwords. Seriously, rethink your process—why is B not providing a proper solution for this?

Thanks for the advice, I’ll check into those options!