The Weakest Link: On Breaking the Association between Usernames and Passwords in Authentication Systems

SECRYPT: PROCEEDINGS OF THE 19TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY (2022)

Abstract
Over the last decade, we have seen a significant number of data breaches affecting hundreds of millions of users. Leaked password files or databases that store passwords in plaintext give attackers immediate access to the credentials of every account stored in those files. Nowadays most systems keep passwords in a hashed and salted form, but with brute-force techniques attackers are still able to crack a large percentage of those passwords. In this work, we present a novel approach to protect users' credentials from such leaks. We propose a new architecture for the password file that makes use of multiple servers. The approach is able to defend even against attackers who manage to compromise all servers, as long as they do not do so at the same time. Our prototype implementation and preliminary evaluation in the authentication system of WordPress suggest that this approach is not only easy to incorporate into existing systems, but also has minimal overhead.
Keywords
Authentication, Passwords, Database Leaks