Notice
I wrote this article, and it was originally published on Qiita on 23 August 2022.
Introduction
A common application design practice is that user passwords should not be stored in a database directly. A better way is to hash the password with a hash function (e.g. SHA-1) and store the password hash.
Potential vulnerability
Below is a SHA-1 hash. Do you know the original value?
21bd12dc183f740ee76f27b78eb39c8ad972a757
I thought it was impossible to recover the original value because the hash function is a one-way function. But I was PARTLY wrong.
There are hash lookup websites that store the hash values of commonly used passwords plus words from a dictionary. When I looked up the hash above on one of these websites, I got
P@ssw0rd
This is a commonly used password, used in the training material of a Microsoft product. When the database of an application is leaked, hackers can use this method (called dictionary lookup) to recover the password of any account that uses a weak password. There is still no way to restore a strong password this way.
Improvement
Try appending a string that is not related to user information to the password before passing it to the hash function. However, this is useless if the source code of the system is also leaked.
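The following added example (not part of the original article) reproduces the dictionary lookup from "Potential vulnerability" and the effect of the appended string from "Improvement". The wordlist, the appended string `APP_SUFFIX` and the strong password are constructed sample values.

```python
import hashlib

# Constructed wordlist standing in for a lookup site's dictionary.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "P@ssw0rd", "letmein"]

# Hypothetical fixed string the application appends before hashing.
APP_SUFFIX = "k3Vq-constructed-suffix"


def sha1_hex(text: str) -> str:
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def build_lookup_table(words, suffix=""):
    """Precompute hash -> password, the way a hash lookup site does."""
    return {sha1_hex(w + suffix): w for w in words}


def lookup(stored_hash, table):
    """Return the password if its hash was precomputed, else None."""
    return table.get(stored_hash.lower())


def demo():
    generic_table = build_lookup_table(COMMON_PASSWORDS)

    # 1. Plain SHA-1 of a weak password (the hash from the article): found.
    plain = lookup("21bd12dc183f740ee76f27b78eb39c8ad972a757", generic_table)

    # 2. Same password hashed with the appended string: the generic
    #    precomputed table no longer contains a matching hash.
    stored = sha1_hex("P@ssw0rd" + APP_SUFFIX)
    suffixed = lookup(stored, generic_table)

    # 3. If the source code (and so the string) leaks, the table can be
    #    rebuilt with it and the weak password is recovered again.
    leaked_table = build_lookup_table(COMMON_PASSWORDS, APP_SUFFIX)
    suffix_known = lookup(stored, leaked_table)

    # 4. A strong password that is in no wordlist is not recovered.
    strong = lookup(sha1_hex("xT9#constructed-long-random-value-41"), generic_table)

    return plain, suffixed, suffix_known, strong


if __name__ == "__main__":
    print(demo())
```
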