用户友好且难以猜测的唯一标识符 [英] Unique Identifiers that are User-Friendly and Hard to Guess
问题描述
我的团队正在使用具有旧数据库的应用程序进行工作,该数据库使用两个不同的值作为Group对象的唯一标识符:Id是一个自动递增的Identity列,其值由数据库在插入时确定. GroupCode由插入后的应用程序确定,并且为"Group" + theGroup.Id.
My team is working on an application with a legacy database that uses two different values as unique identifiers for a Group object: Id is an auto-incrementing Identity column whose value is determined by the database upon insertion. GroupCode is determined by the application after insertion, and is "Group" + theGroup.Id.
我们需要的是一种生成GroupCode的算法:
What we need is an algorithm to generate GroupCode's that:
- 是独一无二的.
- 对于用户来说,正确输入非常容易.
- 黑客很难猜测.
- 是由数据库在插入时创建的,还是由应用在插入之前创建的(即不依赖于身份列).
现有解决方案满足前两个条件,但不满足后两个条件.有谁知道一个满足上述所有条件的好的解决方案?
The existing solution meets the first two criteria, but not the last two. Does anyone know of a good solution to meet all of the above criteria?
另一个注意事项:即使用户在外部使用此代码,并且即使ID可以为其他表提供更好的标识符以链接其外键,其他表也可以使用GroupCode来引用特定的组.
One more note: Even though this code is used externally by users, and even though Id would make a better identifier for other tables to link their foreign keys to, the GroupCode is used by other tables to refer to a specific Group.
谢谢.
推荐答案
是否可以添加新列?它可以由身份和一个随机的32位数字组成.
Would it be possible to add a new column? It could consist of the Identity and a random 32-bit number.
然后可以将这64位数字转换为《难忘的随机字符串》.这不是完美的安全策略,但可能足够好.
That 64 bit number could then be translated to a «Memorable Random String». It wouldn't be perfect security wise but could be good enough.
以下是使用Ruby和 Koremutake
Here's an example using Ruby and the Koremutake gem.
require 'koremu'
# http://pastie.org/96316 adds Array.chunk
identity=104711
r=rand(2**32)<<32 # in this example 5946631977955229696
ka = KoremuFixnum.new(r+identity).to_ka.chunk(3)
ka.each {|arr| print KoremuArray.new(arr).to_ks + " "}
结果:
TUSADA REGRUMI LEBADE
TUSADA REGRUMI LEBADE
还可以查看语音可记住的密码生成算法.
这篇关于用户友好且难以猜测的唯一标识符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
