Password-Based Authentication Security Pattern
A subject proves identity by providing a correct identifier (username/email) and corresponding password. Relies on the assumption that only the actual owner knows the correct password.
Core Components
| Role | Type | Responsibility |
|---|---|---|
| Subject | Entity | Provides identifier and password |
| Enforcer | Enforcement Point | Ensures authentication before action processing |
| Verification Manager | Entity | Collects inputs for password verification |
| Comparator | Decision Point | Compares hash values |
| Hasher | Cryptographic Primitive | Calculates hash values |
| Password Store | Storage | Keeps hash values for registered identities |
| Registrar | Entity | Handles subject registration |
| Resetter | Entity | Handles credential reset |
| Password Policy | Information Point | Rules passwords must satisfy |
| SRNG | Cryptographic Primitive | Secure random number generator |
Data Elements
- •id: Identifier (username, email)
- •pwd: Password provided by Subject
- •hash(pwd): Hash value of password
- •salt: Random value unique per Subject
- •pepper: System-wide secret for additional protection
Password Hashing
Required Approach
- •Use modern password hashing algorithms: Argon2, scrypt, bcrypt, or PBKDF2
- •Never use general-purpose hash functions (MD5, SHA-1, SHA-256) alone
- •Always use salting (typically automatic with modern algorithms)
Salting
- •Add random string unique per Subject before hashing
- •Ensures identical passwords produce different hashes
- •Salt stored in plaintext alongside hash
- •Modern algorithms handle salt automatically
Peppering (Optional)
- •System-wide secret added before hashing
- •Stored separately from password store
- •Provides additional protection if password store is compromised
Registration Flow
Three approaches for credential determination:
- •Subject provides identifier and password
- •Subject provides identifier; Registrar selects password
- •Registrar selects both identifier and password
Upon completion:
- •Password Store contains: identifier, hash(salted password), salt
- •Subject possesses: identifier and password
Password Policy
Enforce policies including:
- •Minimum/maximum length
- •Character requirements
- •Common password blacklist
- •Breach database checking
Password Reset
- •Verify Subject identity through out-of-band channel
- •Generate time-limited reset token
- •Never reveal whether account exists
- •Invalidate existing sessions after reset
- •Force re-authentication
Security Considerations
Password Store Protection
- •Encrypt at rest
- •Restrict access
- •Monitor for breaches
- •Detect tampering
Identifier Security
- •Don't rely on identifier secrecy
- •Prevent enumeration attacks
- •Use consistent timing for valid/invalid identifiers
Verification Timing
- •Use constant-time comparison
- •Prevent timing attacks
Implementation Checklist
- • Using Argon2/scrypt/bcrypt/PBKDF2
- • Automatic salting enabled
- • Password policy enforced
- • Secure reset flow implemented
- • Rate limiting on login attempts
- • Constant-time hash comparison
- • No credential logging
References
- •Source: https://securitypatterns.distrinet-research.be/patterns/01_01_002__authentication_pwd/
- •OWASP Password Storage Cheat Sheet