Whether you are securing your own account or your customers' accounts,
you should also take care to encrypt the passwords of your users.
We recommend hashing them for this purpose.
Passwords in the system clearly need stronger protection: storing passwords in cleartext is strongly discouraged!
Why? Take the typical case of a database that stores the user credentials of a company extranet. This implies a security policy with several levels of rights.
A technician will not have the same privileges on the application as his supervisor, and the supervisor will not have the same rights as the director of human resources or the CEO. In this kind of application, the password is the guarantor of data security, so we must protect it assiduously. Using encryption therefore becomes indispensable.
Why encrypt passwords?
The answer is simple: it keeps the password assigned to the user confidential outside the application.
There is also an ethical dimension, in that even the person in charge of the application should not know the users' personal credentials.
That is none of his business. Let's go back to our example.
An extranet means access to the application from the Internet. It is then necessary to encrypt the data in transit via a secure HTTPS connection and to protect the application against potential hacker access. Suppose this extranet was badly coded and contains a SQL injection flaw. A hacker could then retrieve the passwords stored in the database and enter the application without difficulty using the CEO's credentials. If the passwords are encrypted, the hacker will have much more trouble recovering their cleartext equivalents. In this example the attack comes from outside, but what if the weakness is inside the system?
Indeed, suppose the database must be maintained by connecting to it directly. The company that designed the application sends its database administrator on site. This technician works at the company that uses the application but is not part of it. Yet he will manipulate the database, which means he will most likely be able to see everything inside it, including login credentials. Had the passwords been saved in cleartext, he could have taken control of any user's access on the extranet application. Nevertheless, nothing prevents him from creating a new user with all rights directly in the database. We will then see that traditional encryption is not enough to reinforce the security of a password.
Password protection by hashing
This is a method of transforming a string so that the operation cannot be reversed. The hash result is usually a unique, fixed-length string; the MD5 and SHA1 algorithms are examples. Thus, during an authentication phase, we do not compare two passwords in cleartext but two hashes of the password.
Why are simple hashes no longer enough?
This method encrypts strings efficiently but remains « crackable », because « rainbow tables » (precomputed dictionaries) available on the Internet can return the cleartext string for a sha1() or any other standard hash algorithm.
Needless to say, standard passwords like root, superadmin, toto... exist in these dictionaries. As long as the original password is a dictionary word, it is very likely that it can be found in a rainbow table from its hash.
Hashing the passwords using « salts »
This technique consists of concatenating one or more keys (also called "salt" or "seed") with the password, and then hashing the resulting chain. Of course, the key(s) must remain secret in the application configuration file. This makes it impossible to easily retrieve the original cleartext password from the MD5 in a rainbow table. The security of the password resides in the complexity and confidentiality of the chosen keys.
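The salted scheme just described, as an added example in Python (not FedaPay's own code): it assumes SHA-256 as the hash, keeps the application key from the configuration file as a secret prefix, and additionally draws a random per-user salt that is stored beside the digest; a miniature rainbow table built from the passwords listed above shows why the unsalted digest is recovered immediately and the salted one is not.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed value for this example: in a real deployment the key lives in the
# application configuration file, as the text says, never in source control.
APP_SECRET_KEY = "example-secret-key-from-config-file"


def plain_hash(password: str) -> str:
    """Unsalted SHA-256 of the password (the scheme a rainbow table defeats)."""
    return hashlib.sha256(password.encode()).hexdigest()


# Constructed miniature "rainbow table": digest -> cleartext for the common
# passwords the text lists. A real table holds millions of such entries.
RAINBOW_TABLE = {plain_hash(word): word for word in ["root", "superadmin", "toto"]}


def hash_password(password: str, salt: Optional[str] = None) -> tuple:
    """Hash secret key + per-user salt + password; return (salt, hex digest).

    A fresh random salt is drawn for each new password and stored next to the
    digest, so two users with the same password get different digests.
    """
    if salt is None:
        salt = secrets.token_hex(16)
    chain = APP_SECRET_KEY + salt + password
    return salt, hashlib.sha256(chain.encode()).hexdigest()


def verify_password(password: str, salt: str, stored_digest: str) -> bool:
    """Re-hash the candidate with the stored salt and compare in constant time."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored_digest)


def lookup_in_rainbow_table(digest: str) -> Optional[str]:
    """Return the cleartext if the digest is in the precomputed table, else None."""
    return RAINBOW_TABLE.get(digest)


if __name__ == "__main__":
    salt, digest = hash_password("toto")
    print(verify_password("toto", salt, digest))        # True
    print(lookup_in_rainbow_table(plain_hash("toto")))  # toto: unsalted digest is found
    print(lookup_in_rainbow_table(digest))              # None: salted digest is not found
```

For new systems a purpose-built password hash (bcrypt, scrypt or Argon2) should replace the plain SHA-256 call, since it is deliberately slow and makes brute-force guessing far more expensive.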
Choice of password
For the security of your merchant account, follow these recommendations concerning your password:
- Use a strong password to create your FedaPay account, meaning a password of at least 8 characters containing numbers and both uppercase and lowercase letters;
- Avoid using the same password on several different accounts. If someone somehow gets your password, he will be able to access all your accounts that use the same credentials;
- Avoid giving your password to anyone;
- Remember to change your password as often as you want.
Setting up secret questions
Finally, think about defining secret questions to which only you know the answers.
This allows you to confirm that you are indeed the author of payment requests or of a password change.
You can define your secret questions and even change your password from this part of your dashboard.
Choose your two secret questions from the list, answer each of them and click Save.