Utilizing a personal computing device and a computer executable application that is configured to transmit and receive data over a network (such as a browser), a user can register with and utilize one or more online services. Typically, these services are accessed via the user providing a username and password, and the service authenticating the password prior to allowing the user access to the service. Exemplary services include but are not limited to e-mail, instant messaging, banking, retail sales, and so forth.
Several security techniques have been employed in connection with preventing an attacker from acquiring passwords of users. Unfortunately, many users typically choose passwords that are fairly easy to remember for the user, which oftentimes cause the passwords to be fairly easy to guess. Accordingly, dictionary attacks can be employed to guess many passwords. An attacker performs a dictionary attack by setting forth numerous guesses for one or more usernames, wherein the guesses are passwords revealed to be commonly used in other systems, or expected to be likely used by the users of the target system (e.g. because the passwords use terms associated with the target system or company). Utilizing a dictionary attack, an attacker can oftentimes guess numerous passwords for varying usernames. To facilitate prevention of online dictionary attacks, authentication servers have been employed to limit a number of times that a computing device can submit an incorrect password for a username; if the number of incorrect guesses surpasses a threshold, the user account and/or the device making the guess is at least temporarily suspended from issuing login requests (guesses).
Configuring an authentication server to monitor incorrect guesses of passwords, however, does not prevent offline dictionary attacks. In an offline dictionary attack, the attacker acquires a copy of a password database retained in an authentication server (or acquires the authentication server itself). The attacker then analyzes content of the password database to determine how to guess passwords. For instance, some currently existing password databases include passwords in plain text. Accordingly, if an attacker acquires the copy of the password database, the attacker can quickly determine passwords for all users of the service. To strengthen password protection, hashing functions have been employed. The current accepted “best practice” is for a service to retain a hash that corresponds to a respective password, but not retain the password itself In an exemplary embodiment, for a particular user, an authentication server maintains for each user a record of the username or other user identifier, a randomly generated value specific to the user's account (referred to as a salt), and a hash value: the hash value being the result of performing a one-way hash function over the concatenation of the user's password and the salt. During authentication for a proffered username and password, the authentication server re-executes the hash function over the purported password concatenated with the salt for that user's account. The resulting hash is then compared with the hash value in the database; if the values are equal, the password is determined to be a correct match and the user is authenticated.
Even utilizing the current accepted best practice, however, an attacker can copy the database values to his or her own machine and guess passwords for usernames at leisure. Furthermore, the attacker can deploy special-purpose hardware, such as field programmable gate arrays (FPGAs) or collections of graphics processing units (GPUs) to increase the rate of password guessing compared to a commodity computing device. Moreover, the administrator of the service, if an offline dictionary attack is suspected, has no mechanism to audit which passwords were issued as guesses or which accounts may have had their password successfully guessed by the attacker. Therefore, if it is ascertained that an offline dictionary attack has occurred, there is no way for the service provider to know which passwords may have been correctly guessed, thus requiring that the service be shut down and that all users of the service be notified of a potential attack.