Quiz Entry - updated: 2026.06.20
What is wrong with this authentication code and what attack does it enable?
IF USER_EXISTS(username) THEN
password_hash=HASH(password)
IS_VALID=LOOKUP_CREDENTIALS_IN_STORE(username, password_hash)
IF NOT IS_VALID THEN
RETURN Error("Invalid Username or Password!")
ENDIF
ELSE
RETURN Error("Invalid Username or Password!")
ENDIF
It leaks a timing side-channel: it only hashes when the username exists, so a missing user returns faster — letting an attacker discover valid usernames despite the identical error message.
Even though the error message is the same, the code takes different amounts of time:
- If user EXISTS: Hash calculation + DB lookup (longer)
- If user DOESN'T exist: Immediate return (shorter)
Attack: Attacker can measure response times to determine which usernames exist.
Fix: Always perform the same operations (constant-time):
// Always hash the password, even if user doesn't exist
password_hash = HASH(password)
// Always get a stored hash (use dummy hash if user doesn't exist)
stored_hash = LOOKUP_USER_HASH(username)
IF stored_hash IS NULL THEN
stored_hash = DUMMY_HASH // Pre-computed fake hash
ENDIF
// Use constant-time comparison
IS_VALID = CONSTANT_TIME_COMPARE(password_hash, stored_hash)
IF NOT IS_VALID THEN
RETURN Error("Invalid Username or Password!")
ENDIF
Key principles: Hash the password regardless of user existence, always retrieve/use a hash for comparison, and use constant-time comparison to prevent timing leaks.