'svn commit: r1554281 - /httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-cvs
Subject:    svn commit: r1554281 - /httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml
From:       sf () apache ! org
Date:       2013-12-30 17:35:54
Message-ID: 20131230173554.B8B5423888A6 () eris ! apache ! org
[Download RAW message or body]

Author: sf
Date: Mon Dec 30 17:35:54 2013
New Revision: 1554281

URL: http://svn.apache.org/r1554281
Log:
mention insecure password storage as pointed out by Graham

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml?rev=1554281&r1=1554280&r2=1554281&view=diff
 ==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_auth_digest.xml Mon Dec 30 17:35:54 2013
@@ -33,8 +33,11 @@
     <p>This module implements HTTP Digest Authentication
     (<a href="http://www.faqs.org/rfcs/rfc2617.html">RFC2617</a>), and
     provides an alternative to <module>mod_auth_basic</module> where the
-    password is not transmitted as cleartext. However, the security
-    improvement over basic authentication is very small. Encrypting the
+    password is not transmitted as cleartext. However, this does
+    <strong>not</strong> lead to a significant security advantage over
+    basic authentication. On the other hand, the password storage on the
+    server is much less secure with digest authentication than with
+    basic authentication. Therefore, using basic auth and encrypting the
     whole connection using <module>mod_ssl</module> is a much better
     alternative.</p>
 </summary>
@@ -79,9 +82,11 @@
     man-in-the-middle attacker can trivially force the browser to downgrade
     to basic authentication. And even a passive eavesdropper can brute-force
     the password using today's graphics hardware, because the hashing
-    algorithm used by digest authentication is too fast. Therefore
-    using <module>mod_ssl</module> to encrypt the whole connection is
-    recommended.</p>
+    algorithm used by digest authentication is too fast. Another problem is
+    that the storage of the passwords on the server is insecure. The contents
+    of a stolen htdigest file can be used directly for digest authentication.
+    Therefore using <module>mod_ssl</module> to encrypt the whole connection is
+    strongly recommended.</p>
     <p><module>mod_auth_digest</module> only works properly on platforms
       where APR supports shared memory.</p>
     </note>


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic