0

I have an old application (built on .Net C#) includes Users table with hashed passwords sha1(password . salt), and I need to migrate this data safely to my new Rails application (which already encrypting passwords using bcrypt-ruby gem) and looking for the best solution for this issue but with avoiding the following kind of solutions:

  1. Reset all current users' passwords and Force them to proceed 'Forget password' procedure
  2. Use any kind of plain text password (even temporarily while user login for first time into my new application for example).
  3. Use SHA1 same encryption procedure in Rails app also (I need to use BCrypt instead).

I think that the best approach (as I've read) is to let users log into my new app using their old passwords (and I don't know how to do it) and then encrypt their passwords (by BCrypt) and follow the same procedure of newly registered users' password encryption in Rails app.

I appreciate all suggested solutions to solve this issue.

Moamen Naanou
  • 1,683
  • 1
  • 21
  • 45

1 Answers1

1

You're on the right track. You need to...

  • Add a sha1_password field to your Users table in the Rails app.
  • Modify the authentication to...
    • Check their bcrypt password if it's present.
    • Check sha1_password if their new bcrypt password field is blank.
    • If there's a match, you know they are migrating, and you have their plain text password as well.
    • Set their crypt password field.
  • The end.

This will allow your users to migrate over time. Then at some point you decide you're going to make the rest go the 'reset password' route or at least start annoying them with email and eventually cut over to bcrypt completely.

Philip Hallstrom
  • 19,673
  • 2
  • 42
  • 46
  • 3
    You forgot the most important part. Nuke the sha1 hash when converted. Otherwise this entire thing is useless. – PeeHaa Sep 18 '16 at 15:58
  • @PeeHaa It's worth doing, but not strictly necessary as the first step is to "check bcrypt if present". Only if that's blank do we fall back to sha1. – Philip Hallstrom Sep 20 '16 at 14:54
  • 3
    It's very much strictly necessary. If you don't nuke it this entire effort is useless as you will still have the problem you are trying to prevent. The ability to "revert" the hashes to the plain text... – PeeHaa Sep 20 '16 at 14:58
  • @PeeHaa Ah! yes... keeping them around is a potential security hole, but it doesn't have an impact on the migration to bcrypt itself. – Philip Hallstrom Sep 20 '16 at 15:00