12 Best Practices for User Login Systems - Google Official Tech Blog

By Ian Maddox, GCP Solutions Architect

Account management, authorization and password management can be tricky. For many developers, account management is a dark corner that doesn’t get enough attention. For product managers and customers, the resulting experience often falls short of expectations.

Fortunately, Google Cloud Platform (GCP) brings several tools to help you make good decisions around the creation, secure handling and authentication of user accounts (in this context, anyone who identifies themselves to your system — customers or internal users). Whether you’re responsible for a website hosted in Google Kubernetes Engine, an API on Apigee, an app using Firebase or another service with authenticated users, this post will lay out the best practices to ensure you have a safe, scalable, usable account authentication system.

### 1. Hash those passwords

My most important rule for account management is to safely store sensitive user information, including their password. You must treat this data as sacred and handle it appropriately.

Do not store plaintext passwords under any circumstances. Your service should instead store a cryptographically strong hash of the password that cannot be reversed — created with, for example, PBKDF2, Argon2, Scrypt, or Bcrypt. The hash should be salted with a value unique to that specific login credential. Do not use deprecated hashing technologies such as MD5 or SHA1, and under no circumstances should you use reversible encryption or try to invent your own hashing algorithm.

You should design your system assuming it will be compromised eventually. Ask yourself "If my database were exfiltrated today, would my users’ safety and security be in peril on my service or other services they use? What can we do to mitigate the potential for damage in the event of a leak?"

Another point: If you could possibly produce a user’s password in plaintext at any time outside of immediately after them providing it to you, there’s a problem with your implementation.

### 2. Allow for third-party identity providers if possible

Third-party identity providers enable you to rely on a trusted external service to authenticate a user’s identity. Google, Facebook and Twitter are commonly used providers.

You can implement external identity providers alongside your existing internal authentication system using a platform such as Firebase Auth. There are a number of benefits that come with Firebase Auth, including simpler administration, smaller attack surface and a multi-platform
