I was just following a tutorial on how to store passwords in a database. They use the following to generate the hashed password:
var crypto = require('crypto');
var hasher = {};
hasher.computeHash = function(source, salt) {
    // HMAC-SHA1 keyed with the per-user salt (a fast hash, computed once per call)
    var hmac = crypto.createHmac("sha1", salt);
    var hash = hmac.update(source);
    return hash.digest("hex");
};
For whatever reason I am getting confused, as whenever I have looked into password cryptography I always used a secret which I appended to the salt, but I can't find any resources out there which do this... What I mean is:
var crypto = require('crypto');
var hasher = {};
hasher.computeHash = function(source, salt) {
    // a fixed application-wide secret appended to the per-user salt
    var saltNHash = salt + "super Secret LOOONG string!!";
    var hmac = crypto.createHmac("sha1", saltNHash);
    var hash = hmac.update(source);
    return hash.digest("hex");
};
Is this a bad approach? Is there a better way of doing cryptography (storing passwords in a database) within a node module?
Thanks. Sorry if this is a duplicate; I've looked around, but I don't think I know the right keywords to google.
I seriously recommend following Todd Yandell's answer and using bcrypt. The slow algorithm is really what you want for passwords. That said, let me also address your question.
Let's talk about why we use salts. Salts are a way to
Since (I think!) you are using a random salt for each password, you're already getting there.
That said, your method of appending a secret to everything really isn't that useful. While it technically adds a bit of complexity, since it's just a static string it's not much better than security by obscurity. Once the single secret is found (fairly easy if there are even one or two weak passwords in your database or an attacker gains access to your machine), it's no longer useful. Stick with just your random salts and you'll (probably) be fine.
This is not a direct answer to your question, but I suggest using bcrypt to hash your passwords:
var bcrypt = require('bcrypt');
// `password` is the plaintext password received from the user
bcrypt.genSalt(10, function (error, salt) {          // 10 = work factor (log2 rounds)
    bcrypt.hash(password, salt, function (error, hash) {
        // save `hash` to your database; the salt and work factor are embedded in it
    });
});
Here’s a great post describing the differences between HMAC and bcrypt:
https://security.stackexchange.com/questions/16809/is-a-hmac-ed-password-is-more-secure-than-a-bcrypt-ed-or-scrypt-ed-password