How Does Netvibes Store Our Email Passwords?
Tuesday, December 18th, 2007 by Matt
The popular start page Netvibes features a widget that automatically checks your email for new messages. For it to do this, you must supply your email address and its password (as well as your mailserver, if you use POP or IMAP).
Here’s what I want to know: How are they storing our passwords? We’re giving them the login details to our email accounts, and they haven’t told us how they’re storing them!
I assume they aren’t in plain text (they’d better not be!), but how does their widget work, then? They can’t just decrypt an md5 hash when they need to access your account (or can they, somehow?). If they’re encrypting the passwords, how are they going about it? Are they using a salt? Are they using md5 or sha1? How secure is the server these passwords are sitting on?
Obviously they can’t tell us everything, as that would be a security risk. However, I think we should know a few things about how our email login details are being stored.

12:22 pm on December 18th, 2007
It’s unlikely that your passwords are encrypted when stored on their server and even if they were encrypted, it wouldn’t help.
The essence of the problem is that they need access to your decrypted password every five minutes in order to check your email. They COULD encrypt it quite easily… creating a random key the same length as your password and XORing your password with it before storage would render the encrypted password completely secure… but where do you store the key?
The key has to be available to the same application that has access to the encrypted password in order to decrypt it. That would be like storing your house keys under the doormat. Actually, it’s more like storing your house keys in the lock of your front door.
Because they need your plaintext password to check your account there is little point in encrypting it as they need to store the decryption key with the encrypted plaintext.
The only thing they can do is try to protect the box from malicious access to the plaintext passwords. Encryption will not help in this case.
There is no known way to decrypt md5 or sha1 other than by brute force. This is a design feature of both of these hashes.
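The scheme discussed in the comment above, as an added example that is not part of the original post or its comments: a password XORed with a random key of the same length, next to a one-way hash of the same password. The function names and the sample password are constructed for illustration.

```python
import hashlib
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("key must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(a, b))

def seal(password: str) -> tuple[bytes, bytes]:
    """XOR the password with a fresh random key of the same length."""
    data = password.encode("utf-8")
    key = secrets.token_bytes(len(data))
    return xor_bytes(data, key), key

def unseal(ciphertext: bytes, key: bytes) -> str:
    """What the mail-checking job runs before every POP/IMAP login."""
    return xor_bytes(ciphertext, key).decode("utf-8")

def key_explaining(ciphertext: bytes, guess: str) -> bytes:
    """The key under which `ciphertext` would decrypt to `guess`."""
    return xor_bytes(ciphertext, guess.encode("utf-8"))

def digest(password: str) -> str:
    """One-way: can confirm a password someone presents, cannot replay it."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()

if __name__ == "__main__":
    password = "correct-horse-42"          # constructed sample value
    ciphertext, key = seal(password)

    # Ciphertext alone: every same-length guess has a key that "works",
    # so it reveals only the password's length.
    decoy = "x" * len(password)
    print(unseal(ciphertext, key_explaining(ciphertext, decoy)) == decoy)

    # Ciphertext and key read from the same box: full recovery, no brute force.
    print(unseal(ciphertext, key) == password)

    # A stored hash verifies a login to this site but gives the widget
    # nothing it can send to the mail server.
    print(digest(password) == digest("correct-horse-42"), digest(password))
```

The ciphertext is only as safe as the place the key lives; if both are readable by the same process on the same server, a compromise of that server yields the password directly.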
1:45 pm on December 18th, 2007
That’s what I thought. Scary, isn’t it?
Thanks for the well-written comment.