Web Application Security

Thread: At what layer to hash a password
At what layer to hash a password, Jun 21 2010 01:06PM, Robin Wood (robin digininja org) (5 replies)
RE: At what layer to hash a password, Jun 28 2010 08:37PM, Niels Teusink (teusink fox-it com) (1 reply)
RE: At what layer to hash a password, Jun 26 2010 07:26PM, Dave Wichers (dave wichers aspectsecurity com) (1 reply)
Re: At what layer to hash a password, Jun 26 2010 05:02PM, Javier Bassi (javierbassi gmail com) (1 reply)
stacks and being intercepted there, the maintainability.
But there are two more things I'd raise. First off, you really shouldn't
be hashing your passwords. It's better to use something I don't know
the correct term for (I've heard adaptive hashing and iterative hashing.
I usually just call them by name). The two things to read are "Enough
with the Rainbow Tables: What you need to know about Secure Password
Schemes" [1] which covers bcrypt and Colin Percival's new algorithm
scrypt [2]. These are hashes, but they're not your standard SHA-2 fare.
These protocols are not able to be run natively in any database I know
of. Additionally, at least at my office, our database is by far the
busiest machine we have - so moving CPU-intensive work (like calculating
geographic intersections) off it is always a win for us.
-tom
[1] http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html
[2] http://www.daemonology.net/blog/2009-05-09-scrypt-key-derivation.html
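The kind of scheme tom is pointing at, written out as an added example that is not part of the original message or of the bcrypt/scrypt papers it cites: an adaptive (work-factor) password hash computed in the application tier, so the database only ever stores an opaque string and does none of the CPU-heavy work. It uses hashlib.scrypt from the Python standard library (which requires a Python built against OpenSSL 1.1 or later); bcrypt would fill the same role through a third-party package. The cost parameters (2^14 rounds, r=8, p=1), the 16-byte salt, the `$scrypt$ln=..,r=..,p=..$salt$hash` storage format and the function names are this example's own choices, not values from the post.

```python
"""Added example (not from the original message): adaptive password hashing
done in the application tier.  The database stores only the opaque string
returned by hash_password().  Cost parameters travel with each hash so the
policy can be raised later and old entries re-hashed at the next login.
Assumes hashlib.scrypt is present (Python built against OpenSSL 1.1+).
"""
import base64
import hashlib
import hmac
import os
import time

# Current cost policy for NEW hashes.  2**14 rounds with r=8 is 16 MiB of
# memory per evaluation: tens of milliseconds for a login, ruinous for a
# cracker.  Assumed values for the example, not from the original message.
CURRENT_LOG_N = 14
CURRENT_R = 8
CURRENT_P = 1
DKLEN = 32


def _b64(raw):
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def _unb64(text):
    return base64.b64decode(text + "=" * (-len(text) % 4))


def hash_password(password, *, log_n=CURRENT_LOG_N, salt=None):
    """Return a self-describing string: $scrypt$ln=..,r=..,p=..$salt$hash."""
    # A random per-user salt is what makes precomputed (rainbow) tables useless.
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=1 << log_n, r=CURRENT_R, p=CURRENT_P, dklen=DKLEN)
    return "$scrypt$ln=%d,r=%d,p=%d$%s$%s" % (
        log_n, CURRENT_R, CURRENT_P, _b64(salt), _b64(digest))


def _parse(encoded):
    _, alg, params, salt_b64, digest_b64 = encoded.split("$")
    if alg != "scrypt":
        raise ValueError("unsupported hash scheme: %s" % alg)
    fields = dict(kv.split("=") for kv in params.split(","))
    return {k: int(v) for k, v in fields.items()}, _unb64(salt_b64), _unb64(digest_b64)


def verify_password(password, encoded):
    """Recompute with the parameters stored beside the hash; constant-time compare."""
    params, salt, expected = _parse(encoded)
    actual = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=1 << params["ln"], r=params["r"], p=params["p"],
                            dklen=len(expected))
    return hmac.compare_digest(actual, expected)


def needs_rehash(encoded):
    """True when the stored cost is below current policy.  After a successful
    login, call hash_password() again and overwrite the stored value."""
    params, _, _ = _parse(encoded)
    return (params["ln"], params["r"], params["p"]) < (CURRENT_LOG_N, CURRENT_R, CURRENT_P)


def evaluations_per_second(fn, seconds=0.2):
    """Rough single-thread guess rate for fn(): contrasts a plain SHA-256
    digest with the adaptive hash.  Timing only; not a security measurement."""
    count, deadline = 0, time.monotonic() + seconds
    while time.monotonic() < deadline:
        fn()
        count += 1
    return count / seconds


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")   # constructed sample credential
    print(stored)
    print(verify_password("correct horse battery staple", stored),
          verify_password("wrong guess", stored))
    legacy = hash_password("hunter2", log_n=10)   # entry created under an older, cheaper policy
    print("legacy entry needs rehash:", needs_rehash(legacy))
    salt = os.urandom(16)
    print("sha256 guesses/s: %.0f" % evaluations_per_second(
        lambda: hashlib.sha256(salt + b"guess").digest()))
    print("scrypt guesses/s: %.0f" % evaluations_per_second(
        lambda: hash_password("guess", salt=salt)))
```

Running the module prints one stored hash, a True/False pair for a correct and an incorrect password, the rehash flag for the cheaper legacy entry, and the guess rates for plain SHA-256 versus scrypt on the same machine, which is the practical argument for moving this work off the database host: the cost is deliberate, and it belongs on the tier you can scale horizontally.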