如何在不读取密码的情况下存储第三方密码
[英]How to store thirdparty passwords without reading them
问题描述
I need help with a situation I can't get my head around. 
在无法解决的情况下,我需要帮助。 I need to store a password from a third-party service, and I dont want it to be human-readable. 我需要存储来自第三方服务的密码,并且我不希望它是人类可读的。
I came up with a (possibly dumb) solution: my service generates a secret key that encrypts/decrypts the password, and it uses that key to decrypt the password, when access third-party service is needed, and encrypt it when in need to store it. 我想出了一个(可能很愚蠢的)解决方案:我的服务生成一个加密/解密密码的秘密密钥,并在需要访问第三方服务时使用该密钥解密密码,并在需要时加密该密码。储存它。
The question is my solution safe? 问题是我的解决方案安全吗? Is it good or bad? 是好还是坏? Is there a better approach? 有没有更好的方法? Could you please point directions? 您能指点一下方向吗?
1 个解决方案
解决方案1
0 已采纳 2018-02-09 07:55:22
Storing retrievable passwords is probably one of the hardest tasks in cryptography. 存储可检索密码可能是密码术中最困难的任务之一。 Your application needs to get those passwords plaintext, and the same can do an attacker with enough privileges. 您的应用程序需要以明文形式获得这些密码,并且攻击者也可以使用足够的特权来获得这些密码。 There are some common ways to solve this problem though: 但是,有一些常见的方法可以解决此问题:
- If the target website offers an authentication service, you can exchange the plaintext password with a token, and store this token (instead of the password) for future requests. 如果目标网站提供身份验证服务,则可以将纯文本密码与令牌交换,并存储此令牌(而不是密码)以供将来使用。 The OAuth2 protocol works this way. OAuth2协议以这种方式工作。
- You can request a master password every time the user starts your application. 您可以在用户每次启动应用程序时请求主密码。 This master password is used to encrypt the website passwords, but is never stored itself, only kept in memory as long as the application runs. 该主密码用于加密网站密码,但从不存储自身,仅在应用程序运行时才保留在内存中。
- Most operating systems offer some kind of key store, in Windows it is called Data Protection API (DPAPI), in Android it's the KeyStore . 大多数操作系统提供某种形式的密钥存储的,在Windows上,它被称为数据保护API (DPAPI),在Android中它的密钥库 。 A key store solves the problem on OS level, that one cannot encrypt a password, without having the master key around (which raises the question of where to store the master key...). 密钥存储解决了OS级别的问题,即如果没有主密钥,就无法加密密码(这就提出了将主密钥存储在何处的问题……)。
None of the systems above are bullet proof, the application itself has to be able to get the passwords after all. 上面的系统都不是防弹的,毕竟应用程序本身必须能够获得密码。 This is why one tries to avoid storing passwords completely (eg storing hashes) if possible. 这就是为什么要尽可能避免完全存储密码(例如存储哈希)的原因。
If you can afford dedicated hardware, you could either out-source the password management to a second server which is not accessible from the internet, or you could think about purchasing a hardware secuity modules . 如果您能负担得起专用硬件,则可以将密码管理外包给无法从Internet访问的第二台服务器,或者可以考虑购买硬件安全模块 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.