RECOMMENDATIONS ON HOW TO CHOOSE A SECURE PASSWORD STORAGE METHOD

Abstract

Using passwords remains the most common way to authenticate users for various types of information systems. This poses the challenge of securing the storage of user authentication information and protecting it from unauthorized access. In practice, various algorithms for secure password storage have become widespread. Mutually contradictory requirements for such algorithms for secure password storage, which on the one hand must be complex enough to coun ter various attacks, and on the other – simple to ensure the speed of the information system – determine the relevance of the study. There is a significant threat of direct search, especially given the fact that the computing power of CPUs and GPUs is constantly growing. Therefore, there is a need to be able to change the complexity of the hash code calcula tion, and therefore the amount of computation and time so as to significantly complicate the attack, but not cause dis comfort to the end user due to the delay in password verification. Among the known methods of secure password stor age are password encryption, the use of the hash function in the classical version, as well as the addition of salt and the use of iterations to calculate the hash code. The comparative analysis of the given methods is carried out in the work, their advantages and disadvantages are established, expedient areas of application of each method are outlined, the corresponding recommendations are developed. For the computational experiment, the tools of the Microsoft .NET Core 3.1 platform were used, which made it possible to set the time indicators of the hash code generation algorithm depending on the set parameters of the algorithm. The data obtained from the experiment can be used to select a method of securely storing passwords.