Hashing
INotSleep opened this issue · 1 comments
What feature do you want to see added?
Dear AuthMe developers,
I believe it would be much better to switch the default password hashing algorithm from SHA-256 to ARGON2 or BCRYPT, and implement encryption for players' IP addresses.
Many small and medium Minecraft projects face security risks due to leaks on sites like vipchecker.ru, bonday.xyz, and foxkeys.io. SHA-256 is easily compromised with brute-force attacks using modern software and hardware. Attackers can crack a full database in a week on an average PC using GPU brute-forcing.
By using ARGON2 or BCRYPT, which are much harder to break, even small projects can significantly boost their security. Implementing IP encryption will further protect against potential breaches, as many smaller servers don’t prioritize this.
This solution can safeguard your project from common attacks and data theft, especially important for those who haven’t focused on security yet.
Are there any alternatives?
There's only 1 alternative - recode plugin
Anything else?
Example of some random password checker
I agree with your suggestion to switch to a more modern hashing algorithm, but regarding IP encryption I have some comments.
I don't understand how useful it could be to encrypt the IP address. I know it's classified as PII data. However, how should it be implemented? If we use software encryption, where should we store the decryption key? The address is actively used during runtime. If the attacker can extract the database, they will likely could access the decryption key too. Well other means of stores like hardware tokens could prevent that, but will limit the user experience.
Furthermore, enabling file system encryption would be much easier to implement for the end user although limited to hardening hardware attacks. All this certainly would be out of scope for this project. However, pruning old or disable storing IP address would be a good fit to comply with privacy laws.