I am developing an application in which a pair of keys (authentication and encryption) is derived from a password provided by the user. The password itself is never sent to the server, only the authentication key*.
I would like to offer the user the option to "remember" his password**. Is it possible to do this, via JavaScript, in a secure way?
I have read several references (for example, this question on SOEN) and apparently there is no consistent way across browsers (e.g. Chrome only offers to save the password on return from the form submission, and only if the password itself was submitted, which is not the case here, because the password should never leave the browser). I am looking for alternatives.
Is it possible to "force" the browser to save an arbitrary "password" field, with the same level of security with which it would save a submitted password? (even if that security is not so high...) Preferably while satisfying the additional restriction of not sending it to the server.
If it cannot be saved along with the passwords, would there be an "equally good" solution? I considered, for example, using localStorage, despite the emphatic warnings that "confidential information should not be stored in localStorage". However, I don't see how using it can be worse than saving the password in the browser, since someone with local access to the computer can also read those passwords... The only drawback I see is that it is more vulnerable to XSS, which I believe is not necessarily the case with passwords saved the "normal" way, without involving JavaScript (or am I mistaken?).
Note: I know about the WebCrypto API that is being developed. In the future, when it is consolidated and widely supported, it may become the ideal solution. However, I am looking at short-term alternatives.
* and not the encryption key: all encryption takes place on the client side, so that not even the server has access to the user's data; for this reason, the original password must be kept confidential from the server as well. More details [on my particular case] here.
** Assume as a premise that the user has chosen to store the password. I am aware that this is a security vs. convenience tradeoff, and I would like to offer the user different options on this, instead of imposing one on him. An in-depth discussion of security would be off-topic here (more appropriate for Security SE, for example); this question refers only to a programming problem: commanding the browser to save a password through its usual mechanisms.
Update: by "popular demand", here is my threat model and other particular requirements.
The main concern is confidentiality in the cloud; that is, even though the code of my application (JavaScript) must necessarily come from a reliable source (otherwise nothing I did would guarantee security), the server where the data is stored is "less than reliable" (i.e. there is an interest in "hiding" the confidential information even from it, although malice is not presumed a priori).
Resistance against unauthorized local access is not a concern; it is assumed that anyone with physical access to the machine is authorized to access this data (and if, for a particular user, this is not true, he will be instructed not to save his password that way).
Ease of use is a requirement of utmost importance; installing plugins (Java, WebPG, etc.), password managers (LastPass, KeePass, etc.), using a particular browser or OS (many have native integration with secure "keyrings") or even a local proxy server may be offered as options for the most security-conscious individuals, but should not be obligatory: the system must be usable with native browser features only, platform independent.
I am posting this here because I have received too many suggestions to "don't do it" or "do this instead", but my original question is not about security but about programming: whether or not it is possible to use the browser's native mechanism to "remember passwords" (each one has its own, but the functionality is equivalent) programmatically.
Why not use SSL? http://cweiske.de/tagebuch/ssl-client-certificates.htm
– hernandev
@Ernandes Giving the user the option to use client-side certificates may be a good idea, but I don't intend to make it mandatory. I would prefer that access be possible with only something the user knows (i.e. he doesn't need to be in possession of something, in this case the certificate file, to access the system).
– mgibsonbr
Access via HTTPS does not require a certificate on the client. As long as the password is not sent in a GET parameter, what would be the concern with the security of the transmitted information?
– utluiz
@utluiz (I don't know if your comment is directed at me or at Ernandes, but I will answer.) My question is not about the safety of the communication, which will use SSL/TLS, with the authentication key passed via POST, but about the safety of the data stored in the browser. If the user chooses to have the browser remember his password (by the way, the question is also not about "remembering the session"), he takes on the risks that this entails (i.e. whoever has local access to the machine could recover this password). And client certificates are a good alternative, but the question is about passwords.
– mgibsonbr
Would it not be possible to use cookies to store the password value (if storing the password in plaintext is a problem, encrypt it when saving and decrypt it when you read it back from the cookie) and load the password in the page's onload?
– Felipe Avelar
@FelipeAvelar And with what key would I encrypt it? The problem is, if I had a safe way to store a key like that, I could simply use that same way to store the password itself... (without having to mess with cookies)
– mgibsonbr
Actually, I hadn't thought about it, but using PHP, the key might as well be on the server side, right? It may be a misguided suggestion, but it is a way (the only one I can think of right now) to solve your problem.
– Felipe Avelar
@Felipe.Avelar The problem is that if the key were on the server, the server could decrypt the password. The reason to use client-side encryption is precisely that not even the server has access to your data. (In the question, I mentioned that two keys are generated but only the authentication key is sent to the server; I will edit the question to give more emphasis to this fact.)
– mgibsonbr
Hmm, I see. Well, I don't know if it's a possible solution for you, but wouldn't a passwordless system be ideal in this case? You can find more information here and here.
– Felipe Avelar
@Felipe.Avelar In fact, it is not a possible solution for me, but it is an interesting technique, one I didn't know yet, and it may serve me well in other contexts. It doesn't work here because you still need to keep the encryption key offline, i.e. the server doesn't know it, so you can't include it in the link sent by email; and anyway, this solution assumes that the email provider is reliable (which in practice is a frequent premise). Often this is "good enough", but in my case I do not intend to use email as a fallback (for either authentication or encryption).
– mgibsonbr
@downvoter If there’s something wrong with this question, please leave a comment so it can be improved...
– mgibsonbr
@mgibsonbr, a very important (fundamental?) thing when we think about "security", and which I am missing in the question (and in the discussion in the comments), is a clear definition of the threat model. Defining the threat model allows both you and the people who will try to answer your question to better understand what your "fears" are, what attack vectors you want to protect yourself from, etc. E.g.: must your system be resistant to eavesdropping? And MITM? And XSS? What about local access? What about extensions? Without the answers, it's difficult to propose a good solution.
– Bruno Reis
@BrunoReis When I asked this question here, I wanted to keep the scope limited to a simple, very objective programming question. Everything you said is important, but I would choose to have that discussion on Security SE instead of here. Not that the question, if well formulated, would be off-topic on this site (it is a little broader than SO in English), but the focus of this site is different, and the "experts" it attracts are different. I admit I was a little careless when I asked for alternatives; I should have limited myself to the browser's default behavior only.
– mgibsonbr
I want to reinforce something important for evaluating this question: http://meta.pt.stackoverflow.com/questions/1/aqui-no-stackoverflow-com
– Maniero
@mgibsonbr Does this SO (en) thread help you? Have you looked there? http://stackoverflow.com/questions/2382329/how-can-i-get-browser-to-prompt-to-save-password
– Luiz Vieira
@LuizVieira Thanks for the suggestion, but I had already posted that link myself in the question: "I have read several references (for example, this question on SOEN) ..."
– mgibsonbr
@mgibsonbr Oops. My bad. :)
– Luiz Vieira
I will still answer that question.... hahaha @mgibsonbr
– durtto