Secure password storage

I am working on a project that needs to store the user's login
credentials for multiple other sites so that I can go and grab
information for them. I am trying to figure out how to do this
securely, but still make this fairly simple for the user. Here's what
I have come up with so far:

- Store the username and password of the remote system by encrypting
  them using a two-way encryption algorithm.
- Use a passphrase defined by the user as part of the encryption process.
- The same passphrase will be used for all of their credentials for all
  the different sites.
- The user will enter their passphrase in each time they want to use
  the functionality that logs in at different sites. The passphrase
  will not be stored in my system.

Does this approach seem reasonable? Is there anything important I am
overlooking that would make this system crackable?

If this system would work, which ruby packages would you suggest to do
the encryption?

Thanks,

Jonathan

I think it's easier if you use salted password hashes. That's probably
more secure as well. I use this approach in all my applications.
See http://www.aspheute.com/english/20040105.asp and
http://en.wikipedia.org/wiki/Salt_(cryptography)

Salted hashes won't work for the OP needs, since he needs to send the
original plaintext password to another site.

Anyways, for the OP, yeah, what you're proposing in general should
work. Honestly, if you keep on asking the user for a password, I'm
not sure if there's enough value in it. Depending on your threat
model, it might be acceptable to keep the unencrypted passwords cached
in memory on the server, so the user only has to unlock their keys
once per session.

Your best bet is probably to use the OpenSSL ruby library. I'd
recommend using a symmetric key algorithm like AES.

The documentation for that is a bit terse (it sort of assumes you're familiar with the C openssl library (the ruby stuff is a thin wrapper round it)), but it will get the job done.
Don't forget to use filter_parameter_logging - would be a shame to go to all that effort and then dump the user's master password in your log files.

Fred
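
The scheme discussed in this thread, sketched with Ruby's OpenSSL library as an added example (not code from any of the posters). PBKDF2 key derivation and the GCM mode are choices made for this example, since the thread only names AES; the function names, iteration count and record layout are assumptions.

```ruby
require "openssl"
require "json"

ITERATIONS = 200_000 # assumed work factor; tune for your hardware

# Stretch the user's passphrase into a 256-bit AES key. A fresh random salt
# per record means the same passphrase yields a different key for each site.
def derive_key(passphrase, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(passphrase, salt, ITERATIONS, 32,
                             OpenSSL::Digest.new("SHA256"))
end

# Encrypt one site's credentials. The site name is bound as associated data,
# so a stored record copied onto another site fails authentication.
# Returned values are raw bytes; Base64-encode them before storing as text.
def seal_credentials(passphrase, site, username, password)
  salt = OpenSSL::Random.random_bytes(16)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = derive_key(passphrase, salt)
  iv = cipher.random_iv # never reuse an IV under the same key
  cipher.auth_data = site
  ct = cipher.update(JSON.generate([username, password])) + cipher.final
  { site: site, salt: salt, iv: iv, tag: cipher.auth_tag, ct: ct }
end

# Returns [username, password], or nil when the passphrase is wrong or the
# record was modified (GCM tag verification fails in either case).
def open_credentials(passphrase, record)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = derive_key(passphrase, record[:salt])
  cipher.iv = record[:iv]
  cipher.auth_tag = record[:tag]
  cipher.auth_data = record[:site]
  JSON.parse(cipher.update(record[:ct]) + cipher.final)
rescue OpenSSL::Cipher::CipherError
  nil
end
```

The passphrase and derived key exist only for the duration of a call; only the returned record is persisted.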