Yes, encrypt the hash, with something strong. Preferably AES-256 or AES-128. And perhaps a more complex approach signing keys with RSA and encrypting with AES based on that. Not gonna get too far into it(I don't wanna start talking about stuff I don't understand).
Why would you do this?
Bcrypt and Argon2 are already great hashing functions, encrypting the hashes will provide no benefits while hurting performance.
Because this way, if they lift the whole password database at rest, they still need to decrypt it to even see the usernames or start trying breached/short passwords.
Because, I'm just like that. And I've read elsewhere that it isn't bad to do something like that. From a valuable source regarding security.
And that's the thing, most developers don't take the extra step. I do. And you might say it brings down the performance, and yes it does. But not by much if you're doing it right. And I've run some tests, and it doesn't make that much of an impact on performance, especially since AES is pretty fast compared to some of the other encryption algorithms.
The important part of hashing passwords is for them not to be reversible.
The extra step is salting those.
Encrypting them does not provide any security benefits, other than perhaps having two secret keys in different areas (salt in database, AES secret hardcoded in code), but makes everything else harder.
You're right, the password shouldn't be reversible. It's not, because it's hashed before it's encrypted. As said in the resource above, it's realistically not much securer than the hashing algorithm.
It just makes it a pain for anyone trying to steal user passwords. Meaning they have to decrypt it someway(exploiting the server and executing code to decrypt, being one way, or getting the encryption key), before they can even deal with the hashes.
I believe that a decent hashing algorithm with a salt and peppering, along with decent encryption provides the same security(if not better) over just plain decent hashing with a salt.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Why would you do this?
Bcrypt and Argon2 are already great hashing functions, encrypting the hashes will provide no benefits while hurting performance.
Also, here is the source.
See, they do it. FYI, the people who made it are amazing.
And actually, yes it does have benefits, in my opinion.
From this source:
The downsides are not worth it IMO, but it still is a nice resource to have.
Yeah it still is nice to have it.
Because this way, if they lift the whole password database at rest, they still need to decrypt it to even see the usernames or start trying breached/short passwords.
Because, I'm just like that. And I've read elsewhere that it isn't bad to do something like that. From a valuable source regarding security.
And that's the thing, most developers don't take the extra step. I do. And you might say it brings down the performance, and yes it does. But not by much if you're doing it right. And I've run some tests, and it doesn't make that much of an impact on performance, especially since AES is pretty fast compared to some of the other encryption algorithms.
The important part of hashing passwords is for them not to be reversible.
The extra step is salting those.
Encrypting them does not provide any security benefits, other than perhaps having two secret keys in different areas (salt in database, AES secret hardcoded in code), but makes everything else harder.
You're right, the password shouldn't be reversible. It's not, because it's hashed before it's encrypted. As said in the resource above, it's realistically not much securer than the hashing algorithm.
It just makes it a pain for anyone trying to steal user passwords. Meaning they have to decrypt it someway(exploiting the server and executing code to decrypt, being one way, or getting the encryption key), before they can even deal with the hashes.
I believe that a decent hashing algorithm with a salt and peppering, along with decent encryption provides the same security(if not better) over just plain decent hashing with a salt.