aethyr/Aethyr
2
0
Fork 0
Code Issues 281 Pull requests Projects Releases Packages Wiki Activity Actions

Epic: Security Hardening — Upgrade Password Hashing #151

New issue
Open
opened 2026-03-15 23:08:31 +00:00 by freemo · 0 comments
freemo commented 2026-03-15 23:08:31 +00:00
Owner
Copy link

Background and Context

Player passwords are currently stored as MD5 hex digests (Digest::MD5.new.update(password).to_s) in both the GDBM passwords store and the ES PlayerCreated/UpdatePlayerPassword events. MD5 is cryptographically broken — rainbow tables and collision attacks make it trivial to reverse hashes. This Epic upgrades password storage to bcrypt with transparent migration of existing MD5 hashes.

Demonstrable Outcome

New passwords are stored as bcrypt hashes. Existing MD5 passwords are transparently upgraded to bcrypt on successful login. No player is locked out during the transition.

Acceptance Criteria

  • All new password storage uses bcrypt
  • Existing MD5 hashes are detected and upgraded on login
  • Digest::MD5 is no longer used for password hashing
  • bcrypt gem is in runtime dependencies
  • Both GDBM and ES password paths use bcrypt
## Background and Context Player passwords are currently stored as MD5 hex digests (`Digest::MD5.new.update(password).to_s`) in both the GDBM `passwords` store and the ES `PlayerCreated`/`UpdatePlayerPassword` events. MD5 is cryptographically broken — rainbow tables and collision attacks make it trivial to reverse hashes. This Epic upgrades password storage to bcrypt with transparent migration of existing MD5 hashes. ## Demonstrable Outcome New passwords are stored as bcrypt hashes. Existing MD5 passwords are transparently upgraded to bcrypt on successful login. No player is locked out during the transition. ## Acceptance Criteria - All new password storage uses bcrypt - Existing MD5 hashes are detected and upgraded on login - `Digest::MD5` is no longer used for password hashing - `bcrypt` gem is in runtime dependencies - Both GDBM and ES password paths use bcrypt
freemo added this to the v1.0.0 milestone 2026-03-15 23:19:39 +00:00
freemo self-assigned this 2026-03-16 01:26:55 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
feature/m2-headless-renderer
dependabot/bundler/rdoc-6.3.2
dependabot/bundler/rexml-3.2.5
dependabot/bundler/json-tw-2.3
inprogress
dependabot/bundler/rake-tw-13.0
No results found.
Labels
Clear labels   
Blocked

Cannot proceed, depends on unresolved issue

  
Duplicate

Issue is a duplicate of an existing one

  
MoSCoW/Could Have

Desirable but not necessary, included if time permits

  
MoSCoW/Must Have

Essential, project cannot ship without it

  
MoSCoW/Should Have

Important but not strictly essential

  
Points/1

Estimated effort: 1 story points

  
Points/13

Estimated effort: 13 story points

  
Points/2

Estimated effort: 2 story points

  
Points/21

Estimated effort: 21 story points

  
Points/3

Estimated effort: 3 story points

  
Points/5

Estimated effort: 5 story points

  
Points/8

Estimated effort: 8 story points

  
Priority/Backlog

Not yet prioritized

  
Priority/Critical

Must be addressed immediately

  
Priority/High

Important, should be completed soon

  
Priority/Low

Nice to have, not time-sensitive

  
Priority/Medium

Normal priority, valid and should be addressed

  
State/Completed

Issue resolved and all PRs merged

  
State/In progress

Someone is actively working on this issue

  
State/In review

Implementation complete, PR submitted for review

  
State/Paused

Work temporarily suspended, typically blocked

  
State/Unverified

Issue created but not yet reviewed by a maintainer

  
State/Verified

Maintainer confirmed valid and actionable

  
State/Wont Do

Deliberate decision not to address this issue

  
Type/Bug

A defect in existing functionality

  
Type/Epic

Large body of work broken into multiple issues

  
Type/Feature

A new capability or user story

  
Type/Legendary

Major strategic pillar composed of multiple Epics

  
Type/Task

Technical or administrative work (not bug or feature)

  
Type/Testing

Test-only work item (TDD, test infrastructure, coverage)

No labels
Blocked
Duplicate
MoSCoW/Could Have
MoSCoW/Must Have
MoSCoW/Should Have
Points/1
Points/13
Points/2
Points/21
Points/3
Points/5
Points/8
Priority/Backlog
Priority/Critical
Priority/High
Priority/Low
Priority/Medium
State/Completed
State/In progress
State/In review
State/Paused
State/Unverified
State/Verified
State/Wont Do
Type/Bug
Type/Epic
Type/Feature
Type/Legendary
Type/Task
Type/Testing
Milestone
Clear milestone
No items
No milestone
v1.0.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
freemo
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Blocks
#13 Production-Ready Event Sourcing
aethyr/Aethyr
Depends on
#152 Upgrade password hashing from MD5 to bcrypt
aethyr/Aethyr
Reference: aethyr/Aethyr#151
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?