Question
I run an MMORPG game and today, while moving from one server to another, apache failed and listed some of the data on the server, including a back-up of all the source code + database, which a few people downloaded.
By the time I realized that had happened, I forced a password change on all users and I immediately changed my database password.
The passwords were encrypted with SHA1, and as I realized some users got hacked (so I'm guessing their passwords were cracked). After asking the users who got hacked what their passwords were, they were mostly numerical passwords, which were cracked. The accounts that got hacked did in-game actions that affect the whole gameplay, and thus I'm forced to restore my latest backup of the database (which is also the database the hackers have).
Now, once I do that, the passwords for the users would have stayed the same (the ones that were cracked), so I was wondering how I would be able to restore my database backup and also ensure that the users are secure.
I thought of generating random passwords for each user + salt and emailing them their new password, so they have a new password which the hackers do not have, and after they log in they will also be forced to change it. Would that be best practice? Does anyone have a better idea?
Explanation / Answer
Assuming you have a password reset function (I'd be surprised if you didn't), I'd just blank/replace the hashes with something empty/useless. This way, nobody can log in, and the proper user can reset their password to regain access.
You should consider using a better hashing technique than SHA-1. For simple passwords, there are Rainbow Tables and other precomputed password lists for plain (unsalted) SHA-1. At a very minimum, you should be salting your hashes, and preferably using a technique like PBKDF2, bcrypt, or scrypt to generate hashes in a way that makes it much harder for a future attacker to crack the hashes.
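An added example (not code from the question or the answer above) of the approach the answer describes: after restoring the leaked backup, replace every stored hash with a sentinel that can never verify, then let each user set a new password through the reset flow, stored with a per-user random salt and PBKDF2-HMAC-SHA256. The user table, names, passwords and iteration count are constructed assumptions.

```python
# Added example: invalidate leaked hashes, then re-hash with salt + PBKDF2.
# USERS below is constructed sample data, not the asker's real database.
import hashlib
import hmac
import os

INVALIDATED = "!"        # sentinel stored in place of every leaked hash
ITERATIONS = 600_000     # PBKDF2 work factor (assumed value; raise over time)


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'pbkdf2_sha256$<iters>$<salt_hex>$<hash_hex>' with a fresh 16-byte salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(stored: str, password: str) -> bool:
    """True only for a valid pbkdf2_sha256 record; sentinel and legacy SHA-1 never verify."""
    parts = stored.split("$")
    if stored == INVALIDATED or len(parts) != 4 or parts[0] != "pbkdf2_sha256":
        return False
    _, iters, salt_hex, hash_hex = parts
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(digest.hex(), hash_hex)  # constant-time compare


def invalidate_all_hashes(users: dict) -> int:
    """Blank every stored hash so no credential from the leaked backup works."""
    for name in users:
        users[name] = INVALIDATED
    return len(users)


def reset_password(users: dict, name: str, new_password: str,
                   iterations: int = ITERATIONS) -> None:
    """Called by the reset flow once the user has proved ownership (e.g. via e-mail link)."""
    users[name] = hash_password(new_password, iterations)


# Constructed table as restored from the leaked backup: unsalted SHA-1 hashes.
USERS = {
    "alice": hashlib.sha1(b"123456").hexdigest(),
    "bob": hashlib.sha1(b"hunter2").hexdigest(),
}
```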