Securing passwords with hash value

摘要

A password security system, hosted by a server, whose method of operation may include receiving a client hash value from a client where the client hash value is computed by hashing a password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge to generate the client hash value. A server hash value is computed using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store. A determination is made whether the server hash value matches the client hash value and data access is granted to the user in view of a determination that the server hash value matches the client hash value, and data access is denied to the user in view of a determination that the server hash value does not match the client hash value.

主权项

1. A method of securing a password comprising:
receiving, by a processing device of a server computer system, a client hash value from a client, the client hash value computed by hashing the password to generate a first hash value, and hashing the first hash value combined with a user input of an answer to a challenge in response to a challenge presented to the user to generate the client hash value; computing, by the processing device of the server computer system, a server hash value using password data for the user that is stored in a data store coupled to the server and a server-side answer that is stored in the data store; determining, by the processing device of the server computer system, whether the server hash value matches the client hash value; and granting, by the processing device of the server computer system, data access to the user in view of a determination that the server hash value matches the client hash value and denying data access to the user in view of a determination that the server hash value does not match the client hash value.