best algorithm to store passwords in 2016


Question

Actually I read many posts related to the algorithms to use, like md5, sha1 and so on. But I am still not sure which one is secure and the best one to use nowadays. I am a beginner with web development and I am asking all of the best programmers around the world to teach and show me. I hope you guys can give me the choice and an example for using it. Thank you

Answer

Coincidentally: How to Safely Store Your Users' Passwords in 2016.

Your options are:

  • Argon2 (requires PHP 7.2 or a PHP extension)
  • Scrypt (requires a PHP extension)
  • Bcrypt


If you really need to, also feel free to consider PBKDF2.


Given that you're a beginner, you should be writing your password validation like this:

// Creating your hashed password:
$hash = password_hash($userPassword, PASSWORD_DEFAULT);

// Checking a user-supplied password against a stored hash:
if (password_verify($userPassword, $hash)) {
    // Login successful.
    if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        // Recalculate a new password_hash() and overwrite the one we stored previously
        $hash = password_hash($userPassword, PASSWORD_DEFAULT);
        // ... then save $hash back to the user's record
    }
}
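The rehash-on-login step above is the part beginners most often leave as a comment and never implement. The following is an added example, not code from the original answer: a small login routine against a constructed in-memory user table that verifies the password, upgrades a hash produced under an older cost policy, and runs a dummy verification for unknown usernames so that login timing does not reveal whether an account exists. The constants, function names and the sample user are assumptions made for this example.

```php
<?php
// Added example (not from the original answer): verify a login and upgrade
// the stored bcrypt hash when the hashing policy has changed.
declare(strict_types=1);

// Current policy: bcrypt with cost 12. Raise the cost as hardware gets faster;
// password_needs_rehash() will then flag every hash made under the old cost.
const HASH_ALGO = PASSWORD_BCRYPT;
const HASH_OPTIONS = ['cost' => 12];

// $users stands in for a database table: username => stored hash.
function createUser(array &$users, string $username, string $password): void
{
    $users[$username] = password_hash($password, HASH_ALGO, HASH_OPTIONS);
}

/**
 * Verify a login. On success, re-hash with the current policy if the stored
 * hash was produced under an older one, and write the new hash back.
 * Returns true only when the password matched an existing user.
 */
function login(array &$users, string $username, string $password): bool
{
    // Verify against a dummy hash when the user does not exist, so that the
    // request takes roughly the same time either way. (Constructed once per
    // process; a real application would generate it at start-up.)
    static $dummy = null;
    if ($dummy === null) {
        $dummy = password_hash('dummy-password', HASH_ALGO, HASH_OPTIONS);
    }
    $stored = $users[$username] ?? $dummy;

    if (!password_verify($password, $stored)) {
        return false;
    }
    if (!isset($users[$username])) {
        // Only the dummy hash matched; there is no such account.
        return false;
    }
    if (password_needs_rehash($stored, HASH_ALGO, HASH_OPTIONS)) {
        $users[$username] = password_hash($password, HASH_ALGO, HASH_OPTIONS);
    }
    return true;
}

// Demonstration with a constructed legacy hash (cost 10) that predates the policy.
$users = [
    'alice' => password_hash('correct horse battery staple', PASSWORD_BCRYPT, ['cost' => 10]),
];
echo 'cost before login: ', password_get_info($users['alice'])['options']['cost'], PHP_EOL;
echo 'wrong password: ', var_export(login($users, 'alice', 'wrong password'), true), PHP_EOL;
echo 'unknown user: ', var_export(login($users, 'bob', 'correct horse battery staple'), true), PHP_EOL;
echo 'right password: ', var_export(login($users, 'alice', 'correct horse battery staple'), true), PHP_EOL;
echo 'cost after login: ', password_get_info($users['alice'])['options']['cost'], PHP_EOL;
```

The only moment the plaintext password is available to re-hash is during a successful login, which is why the upgrade has to happen there rather than in a batch job over the stored hashes.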


Downside to bcrypt:

  • Passwords longer than 72 characters are truncated.
  • Passwords containing a NUL byte are truncated.


A stop-gap that works around these limitations is built into Password Lock: It pre-hashes passwords with SHA384 then base64-encodes the raw hash before passing to PHP's password API.
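To see what the 72-byte limit means in practice, and what the SHA-384 pre-hash buys you, here is an added example (not code from the original answer or from Password Lock). It hashes a constructed password longer than 72 bytes with plain bcrypt, shows that a second password sharing the same first 72 bytes verifies against that hash, and then repeats the check with the pre-hash described above, where the 48-byte SHA-384 digest is base64-encoded to 64 ASCII characters (always under 72 bytes and never containing a NUL byte) before bcrypt sees it. The helper names are assumptions made for this example.

```php
<?php
// Added example (not from the original answer): bcrypt's 72-byte limit and
// the SHA-384 + base64 pre-hash that works around it.
declare(strict_types=1);

/** bcrypt straight from password_hash(): only the first 72 bytes matter. */
function bcryptHash(string $password): string
{
    return password_hash($password, PASSWORD_BCRYPT);
}

/**
 * Pre-hash with SHA-384 (48 raw bytes), then base64-encode (64 ASCII chars)
 * before handing the result to bcrypt. This mirrors the approach described
 * for Password Lock; the helper itself is written for this example.
 */
function prehash(string $password): string
{
    return base64_encode(hash('sha384', $password, true));
}

function prehashedBcryptHash(string $password): string
{
    return password_hash(prehash($password), PASSWORD_BCRYPT);
}

function prehashedBcryptVerify(string $password, string $hash): bool
{
    return password_verify(prehash($password), $hash);
}

// Constructed inputs: two passwords identical in their first 72 bytes.
$long = str_repeat('a', 72) . 'SECRET-SUFFIX';
$twin = str_repeat('a', 72) . 'different-suffix';

$plain = bcryptHash($long);
echo 'plain bcrypt, 72-byte twin verifies: ',
    var_export(password_verify($twin, $plain), true), PHP_EOL;

$pre = prehashedBcryptHash($long);
echo 'pre-hashed bcrypt, 72-byte twin verifies: ',
    var_export(prehashedBcryptVerify($twin, $pre), true), PHP_EOL;
echo 'pre-hashed bcrypt, real password verifies: ',
    var_export(prehashedBcryptVerify($long, $pre), true), PHP_EOL;
echo 'pre-hash length in bytes: ', strlen(prehash($long)), PHP_EOL;
```

Because the pre-hash changes what bcrypt receives, it has to be applied consistently: a hash created with the pre-hash can only be verified with the pre-hash, so adopting it for an existing user base means re-hashing at login, as in the rehash flow above.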


First, create an encryption key and store it outside your document root. (Otherwise, a hacker can just steal the key.)

$newKey = \Defuse\Crypto\Key::createNewRandomKey();
file_put_contents(
    '/outside/document/root/enckey.txt',
    $newKey->saveToAsciiSafeString()
);


Now, you can use this key in conjunction with your passwords:

use Defuse\Crypto\Key;
use ParagonIE\PasswordLock\PasswordLock;

$key = Key::loadFromAsciiSafeString(
    file_get_contents('/outside/document/root/enckey.txt')
);

// Hashing a password with PasswordLock:
$storeMe = PasswordLock::hashAndEncrypt($_POST['password'], $key);

// Verifying a password with PasswordLock:
if (PasswordLock::decryptAndVerify($_POST['password'], $storeMe, $key)) {
    // Success!
}

You can now use Argon2 with password_hash() in PHP 7.2.

The new standard: Argon2 (via Libsodium)

Unless you're on PHP 7.2 or higher, you'll need to install libsodium and the PHP extension to use Argon2. Password hashing is one of the features that is not provided by sodium_compat.

// Password hashing:
$hash_str = sodium_crypto_pwhash_str(
    $password,
    SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
    SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE
);
// Password verification:
if (sodium_crypto_pwhash_str_verify($hash_str, $password)) {
    // recommended: wipe the plaintext password from memory
    sodium_memzero($password);

    // Password was valid.
} else {
    // recommended: wipe the plaintext password from memory
    sodium_memzero($password);

    // Password was invalid.
}
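Whichever of these APIs you pick, the parameters (bcrypt cost, Argon2 memory and time cost) are meant to be tuned to your own hardware rather than copied from an answer. The following is an added example, not code from the original answer: it times password_hash() for increasing bcrypt costs and Argon2id memory sizes and picks the first setting that reaches a target duration. The target of 250 ms and the candidate values are constructed starting points; the Argon2id part assumes a PHP build with PASSWORD_ARGON2ID (PHP 7.3 or later, compiled with Argon2 support) and is skipped otherwise.

```php
<?php
// Added example (not from the original answer): calibrate password hashing
// cost parameters by timing password_hash() on this machine.
declare(strict_types=1);

/** Time one password_hash() call in milliseconds. */
function hashMillis(string $algo, array $options): float
{
    $start = microtime(true);
    password_hash('calibration-password', $algo, $options);
    return (microtime(true) - $start) * 1000.0;
}

/**
 * Return the smallest bcrypt cost whose hashing time reaches $targetMs,
 * or $maxCost if none of the lower costs does.
 */
function pickBcryptCost(float $targetMs, int $minCost = 10, int $maxCost = 15): int
{
    for ($cost = $minCost; $cost < $maxCost; $cost++) {
        if (hashMillis(PASSWORD_BCRYPT, ['cost' => $cost]) >= $targetMs) {
            return $cost;
        }
    }
    return $maxCost;
}

/**
 * Return the first Argon2id memory_cost (in KiB) from $candidates whose
 * hashing time reaches $targetMs, or the last candidate if none does.
 */
function pickArgon2Memory(float $targetMs, array $candidates, int $timeCost = 3): int
{
    $memory = $candidates[0];
    foreach ($candidates as $memory) {
        $ms = hashMillis(PASSWORD_ARGON2ID, [
            'memory_cost' => $memory,
            'time_cost'   => $timeCost,
            'threads'     => 1,
        ]);
        if ($ms >= $targetMs) {
            return $memory;
        }
    }
    return $memory;
}

// Constructed target: slow enough to hurt an offline guessing attack,
// still tolerable for a single interactive login.
$target = 250.0;

$cost = pickBcryptCost($target);
printf("bcrypt: cost %d takes about %.0f ms%s",
    $cost, hashMillis(PASSWORD_BCRYPT, ['cost' => $cost]), PHP_EOL);

if (defined('PASSWORD_ARGON2ID')) {
    $candidates = [32 * 1024, 64 * 1024, 128 * 1024, 256 * 1024];
    $memory = pickArgon2Memory($target, $candidates);
    printf("argon2id: memory_cost %d KiB (time_cost 3) takes about %.0f ms%s",
        $memory,
        hashMillis(PASSWORD_ARGON2ID, ['memory_cost' => $memory, 'time_cost' => 3, 'threads' => 1]),
        PHP_EOL);
} else {
    echo 'argon2id: PASSWORD_ARGON2ID not available in this PHP build', PHP_EOL;
}
```

Run this on the machine that will actually serve logins, not a developer laptop, and repeat the calibration when you move to new hardware; the values you settle on are exactly what password_needs_rehash() compares against, so raising them later upgrades old hashes on the next successful login.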

Intermediate: Scrypt

You'll need the scrypt extension, available through PECL:

pecl install scrypt
echo "extension=scrypt.so" > /etc/php5/mods-available/scrypt.ini
php5enmod scrypt


Once that's installed, using it is fairly straightforward:

// Hashing:
$hash = \Password::hash($userProvidedPassword);
// Validation:
if (\Password::check($userProvidedPassword, $hash)) {
    // Logged in successfully.
}


The only reason to really use scrypt is compatibility; at this point, go with either Argon2 or bcrypt.


I highly recommend going with Defuse Security's cross-platform Password Hashing library if you need PBKDF2. (You should consider just using password_*, however!)

$hash = PasswordStorage::create_hash($password);
if (PasswordStorage::verify_password($password, $hash)) {
    // Success
}

Any of the above choices are acceptable. Argon2 is probably the most secure, but it's not widely available in PHP yet. Anything absent from this list should be regarded with a healthy dose of skepticism.
