Use passlib for password hashing #2918

Closed
heartsucker opened this issue Jan 23, 2018 · 11 comments

@heartsucker
Contributor

Feature request

Description

Using passlib for password hashing will give us future-proof and easily migratable password management should we change password hashing algorithms/parameters.

Possibly conflicts with #1609 depending on what the underlying cryptolib is.

User Stories

As a dev, I don't want to have to write boilerplate migration code if we bump the number of scrypt rounds.

@redshiftzero
Contributor

The migration functionality is very handy, also passlib doesn't use PyCrypto so it shouldn't cause any issues with respect to #1609.

While it isn't incredibly pressing yet, our scrypt parameters for password hashing are starting to show some age, specifically N which we have currently set to 2**14 - Golang updated their recommendations to N=2**15 in 2017. If we were to increase N to 2**15, we'd also be doubling the memory and CPU resources consumed while hashing, so we could use the migration opportunity to move to a slightly less memory hard password hashing algorithm.
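The two points above (the user story about not wanting to hand-write migration code when the scrypt cost is bumped, and the note that moving N from 2**14 to 2**15 doubles memory) can be made concrete with a small stand-alone example. The following is an added example, not SecureDrop's code and not passlib's: it re-creates, using only the Python standard library, the three operations that passlib's CryptContext automates (hash, verify, needs_update) so that the migrate-on-login step and the memory cost of each parameter set are visible. The `$scrypt$n=..,r=..,p=..$salt$key` string is a constructed storage format for this example, not passlib's hash format, and the `LEGACY`/`POLICY` names are this example's own.

```python
"""Scrypt migrate-on-verify, written as an added example for this thread.

Not SecureDrop's code and not passlib's: it re-creates, with only the
standard library, the operations passlib's CryptContext provides
(hash, verify, needs_update, verify_and_update) so the "boilerplate
migration code" the user story mentions, and the memory cost of bumping N,
are both visible. The "$scrypt$n=..,r=..,p=..$salt$key" string is a
constructed format for this example, not passlib's.
"""
import base64
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class ScryptParams:
    n: int  # CPU/memory cost, must be a power of two
    r: int  # block size
    p: int  # parallelism

    def memory_bytes(self) -> int:
        # scrypt's working set is dominated by the 128 * r * N byte V array,
        # so doubling N doubles memory, as the comment above notes.
        return 128 * self.r * self.n


# The parameters discussed in the thread: N=2**14 today, N=2**15 proposed.
LEGACY = ScryptParams(n=2**14, r=8, p=1)
POLICY = ScryptParams(n=2**15, r=8, p=1)


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def _derive(password: str, salt: bytes, params: ScryptParams) -> bytes:
    # hashlib.scrypt refuses to exceed maxmem (OpenSSL defaults to 32 MiB),
    # and N=2**15 with r=8 needs slightly more than that, so set it explicitly.
    return hashlib.scrypt(
        password.encode("utf-8"),
        salt=salt,
        n=params.n,
        r=params.r,
        p=params.p,
        maxmem=2 * params.memory_bytes(),
        dklen=32,
    )


def hash_password(password: str, params: ScryptParams = POLICY,
                  salt: Optional[bytes] = None) -> str:
    """Hash with the given parameters. The parameters travel with the hash so
    verify() can reproduce them and needs_update() can compare them."""
    salt = os.urandom(16) if salt is None else salt
    key = _derive(password, salt, params)
    return "$scrypt$n={},r={},p={}${}${}".format(
        params.n, params.r, params.p, _b64(salt), _b64(key))


def parse_hash(stored: str) -> Tuple[ScryptParams, bytes, bytes]:
    _, scheme, cfg, salt_b64, key_b64 = stored.split("$")
    if scheme != "scrypt":
        raise ValueError("unsupported hash scheme: %r" % scheme)
    kv = dict(item.split("=", 1) for item in cfg.split(","))
    params = ScryptParams(n=int(kv["n"]), r=int(kv["r"]), p=int(kv["p"]))
    return params, base64.b64decode(salt_b64), base64.b64decode(key_b64)


def verify(password: str, stored: str) -> bool:
    params, salt, key = parse_hash(stored)
    return hmac.compare_digest(_derive(password, salt, params), key)


def needs_update(stored: str, policy: ScryptParams = POLICY) -> bool:
    """True when the stored hash used parameters other than the current policy."""
    params, _, _ = parse_hash(stored)
    return params != policy


def verify_and_update(password: str, stored: str,
                      policy: ScryptParams = POLICY) -> Tuple[bool, Optional[str]]:
    """The migrate-on-login step: verify, and if the hash is stale, return a
    re-hash for the caller to store in place of the old one. A wrong password
    never triggers a rehash, since only a correct one is available to rehash."""
    if not verify(password, stored):
        return False, None
    if needs_update(stored, policy):
        return True, hash_password(password, policy)
    return True, None


if __name__ == "__main__":
    old = hash_password("correct horse battery staple", LEGACY)
    print("legacy hash needs update:", needs_update(old))
    ok, new = verify_and_update("correct horse battery staple", old)
    print("login ok:", ok, "| rehashed to N=2**15:", new is not None)
    print("memory per hash: %d MiB -> %d MiB" % (
        LEGACY.memory_bytes() // 2**20, POLICY.memory_bytes() // 2**20))
```

This is the glue that has to be written and tested by hand without passlib: every login path must call the verify-and-update step and persist the returned hash, and the stored format must carry enough parameters to reproduce old hashes. With passlib, `CryptContext.verify_and_update()` and `needs_update()` provide the same shape, and the policy change is a one-line edit to the context's `deprecated`/`rounds` settings rather than new code.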

@Aniq55

Aniq55 commented Feb 3, 2018

May I work on this?

@ghost

ghost commented Feb 3, 2018

@Aniq55 absolutely yes :-)

@kushaldas
Contributor

@Aniq55 Any update on this?

@heartsucker
Contributor Author

Note that this is blocked by #1419

@Aniq55

Aniq55 commented Feb 22, 2018

@kushaldas I'm on a break currently. You may unassign me for now. :/

@ghost

ghost commented Feb 22, 2018

@Aniq55 consider yourself unassigned, thanks for the update.

@pwnchief
Contributor

@dachary can I take this up?

@heartsucker
Contributor Author

@pwnchief As mentioned above, this is blocked by #1419 (which I'm getting to), but that ticket itself is blocked by at least #3033 and #2948. It will probably be a long while before we can merge anything you work on. I don't want to discourage you, but it can be disheartening to work on something and have the PR sit open for months.

@pwnchief
Contributor

Ohhhhh okay thanks for the recommendation. I will wait for the labels to clear up...

@heartsucker heartsucker self-assigned this Jun 8, 2018
@heartsucker
Contributor Author

passlib offers an interface to argon2 which can be installed via argon2_cffi. There was some discussion about increasing the number of scrypt rounds from 2**14 to 2**15 or even 2**16. This would make it very memory hard which might rule it out eventually. We could use this opportunity to switch to argon2.

It requires libpython2.7-dev to get pyconfig.h. Luckily this is in security.list, so we can get an auto upgrade.

$ apt-cache policy libpython2.7-dev
libpython2.7-dev:
  Installed: (none)
  Candidate: 2.7.6-8ubuntu0.4
  Version table:
     2.7.6-8ubuntu0.4 0
        500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
     2.7.6-8 0
        500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
