I’m not sure but I think the previous password is mostly stored in an unrecoverable format and only upon changing your password, when you have to enter your previous one, does it store it in an unrecoverable format for 10x or so generations.
Just a guess though for how AD might do it.
This is everything you ever needed to know about passwords.
There’s a thing called a “one way hash”. It’s a formula run against your plain text password that produces the same result every time it’s run, but can’t be turned back into your password.
Imagine you assign a number for each character, a is 1, b is 2, etc. A (bad) one way hash would be to add up the number of each character and store that. So if your password was “bacj” that would be 2 + 1 + 3 + 10 = 16. So they could store just “16”, but that couldn’t be turned back into your password.
This is a bad hash to use for a couple reasons. One is that many, many things would equal 16. You want something with less overlap or “collisions”. It doesn’t have to be zero collisions either. It’s not completely impossible that more than one password would get you into your GMail, though figuring out which alternative would work would be practically impossible.
The other is that this one is way too fast for a computer to compute. If someone gets your hashed password and the formula they used, they could try a million guesses per minute until they randomly guessed your password. This is called a “brute force attack”. To prevent this, websites use two things. One is that they limit the number of attempts you can make. They can allow you to try ten times per ten minutes and that’s more than enough to slow a brute force attack. But this only stops them if they’re trying through the website. If they have your hash and the formula used on their machine (like a data leak), the attempt limit on the website does nothing. Instead, they should use a “cryptographic hash”, which has all the properties we’ve mentioned, but also takes a good amount of time to compute, even on a good computer. A solid fraction of a second is enough, as long as you used a good password. It doesn’t take many attempts to guess “qwerty” or “shadow” or “misty”, even with leetspeak. If they can guess it in a million attempts, it’s not a good password. Also there are public lists of known passwords that is one of the first things they’ll try.
Another attack is called a “rainbow table”. This is where they take the most common cryptographic hashes, and a list of known, compromised passwords, and they’ll have run the hashes against those passwords years ago and stored them. Now they don’t have to compute the value. They’ll just try each value in the table. To prevent this, every secure site will use what’s known as a “salt”, which is just a random extra password that they’ll literally just stick onto the end of your password before they compute. So even if your password is “shadow”, they’ll have “shadow” + “jfyengighshtogusnwkyifhd” as your password. But the second part is stored in their database in plain text, so the salt is much less secure than your password. You’ll still be vulnerable to a brute force attack, but you won’t be vulnerable to a rainbow table attack.
Remember, if you use the same password everywhere, one site having bad security (or compromised on the front end) means bad actors will have added that password to the list of known passwords. That’s the first thing bad actors will try in a brute force attack forever after. Use a password manager like KeePass or Bitwarden, maybe even 1Password. You have no idea how amazing it is to not need to remember which email you used for which site, and not care what the security requirements are. Every password you have can be 30 character, special character nonsense, and the manager will just handle it for you. I literally can’t tell you my Lemmy password. And I promise that it’s not in that list of known passwords. I just narrowed the possibilities by a few million passwords, does that help you guess my password?
Oh, and getting back to the point, a site can store your past ten hashes without compromising security. It is fucking annoying though.
More modern security practice doesn’t require you to change your password, ever. If there is a required password change, it should be in years, not months. Your good password plus their good security practices means that even if hackers get every piece of data that company has, they still won’t be able to figure out your password for decades, or longer. And that’s only if they try your account first.
(If they take control of the website, they can just read your password when you type it. Another reason to not use the same password everywhere.)
I mean, Google already does this for account recovery. One of their recovery methods involves entering “the most recent password you remember” and I’m guessing on the back end also does some precision guess work related to the machine making the reset attempt. If it’s a LG phone in Fargo ND matching one you were previously logged into it’ll be more likely to let you in for example (this is pure speculation based on what I’ve witnessed people struggling to regain access to their Google accounts go through)
I’m not sure but I think the previous password is mostly stored in an unrecoverable format and only upon changing your password, when you have to enter your previous one, does it store it in an unrecoverable format for 10x or so generations. Just a guess though for how AD might do it.
That doesn’t make it better.
Even if you only store past passwords, that is absolutely disgusting security practice.
This is everything you ever needed to know about passwords.
There’s a thing called a “one way hash”. It’s a formula run against your plain text password that produces the same result every time it’s run, but can’t be turned back into your password.
Imagine you assign a number for each character, a is 1, b is 2, etc. A (bad) one way hash would be to add up the number of each character and store that. So if your password was “bacj” that would be 2 + 1 + 3 + 10 = 16. So they could store just “16”, but that couldn’t be turned back into your password.
This is a bad hash to use for a couple reasons. One is that many, many things would equal 16. You want something with less overlap or “collisions”. It doesn’t have to be zero collisions either. It’s not completely impossible that more than one password would get you into your GMail, though figuring out which alternative would work would be practically impossible.
The other is that this one is way too fast for a computer to compute. If someone gets your hashed password and the formula they used, they could try a million guesses per minute until they randomly guessed your password. This is called a “brute force attack”. To prevent this, websites use two things. One is that they limit the number of attempts you can make. They can allow you to try ten times per ten minutes and that’s more than enough to slow a brute force attack. But this only stops them if they’re trying through the website. If they have your hash and the formula used on their machine (like a data leak), the attempt limit on the website does nothing. Instead, they should use a “cryptographic hash”, which has all the properties we’ve mentioned, but also takes a good amount of time to compute, even on a good computer. A solid fraction of a second is enough, as long as you used a good password. It doesn’t take many attempts to guess “qwerty” or “shadow” or “misty”, even with leetspeak. If they can guess it in a million attempts, it’s not a good password. Also there are public lists of known passwords that is one of the first things they’ll try.
Another attack is called a “rainbow table”. This is where they take the most common cryptographic hashes, and a list of known, compromised passwords, and they’ll have run the hashes against those passwords years ago and stored them. Now they don’t have to compute the value. They’ll just try each value in the table. To prevent this, every secure site will use what’s known as a “salt”, which is just a random extra password that they’ll literally just stick onto the end of your password before they compute. So even if your password is “shadow”, they’ll have “shadow” + “jfyengighshtogusnwkyifhd” as your password. But the second part is stored in their database in plain text, so the salt is much less secure than your password. You’ll still be vulnerable to a brute force attack, but you won’t be vulnerable to a rainbow table attack.
Remember, if you use the same password everywhere, one site having bad security (or compromised on the front end) means bad actors will have added that password to the list of known passwords. That’s the first thing bad actors will try in a brute force attack forever after. Use a password manager like KeePass or Bitwarden, maybe even 1Password. You have no idea how amazing it is to not need to remember which email you used for which site, and not care what the security requirements are. Every password you have can be 30 character, special character nonsense, and the manager will just handle it for you. I literally can’t tell you my Lemmy password. And I promise that it’s not in that list of known passwords. I just narrowed the possibilities by a few million passwords, does that help you guess my password?
Oh, and getting back to the point, a site can store your past ten hashes without compromising security. It is fucking annoying though.
More modern security practice doesn’t require you to change your password, ever. If there is a required password change, it should be in years, not months. Your good password plus their good security practices means that even if hackers get every piece of data that company has, they still won’t be able to figure out your password for decades, or longer. And that’s only if they try your account first.
(If they take control of the website, they can just read your password when you type it. Another reason to not use the same password everywhere.)
I think you don’t understand the point.
You enter your current password when changing your password. So it’s already there. In memory. There’s no need to persist any plain text.
In memory does not allow you to compare to multiple past passwords.
Stop, they might hear you! “Enter your previous 3 passwords”
I mean, Google already does this for account recovery. One of their recovery methods involves entering “the most recent password you remember” and I’m guessing on the back end also does some precision guess work related to the machine making the reset attempt. If it’s a LG phone in Fargo ND matching one you were previously logged into it’ll be more likely to let you in for example (this is pure speculation based on what I’ve witnessed people struggling to regain access to their Google accounts go through)