在MySQL中存储散列密码 [英] Storing hashed passwords in MySQL

问题描述

我的问题是：在MySQL中，什么是正确的字符编码，字段类型&要存储结果的长度？

在MySQL中还有其他任何要考虑的密码安全性吗？
最后是SHA256或SHA512实际的散列选择吗？

解决方案

对于SHA1散列，CHAR（40）最佳的字段类型和长度。
字符编码应该不重要，所有字符都在ASCII范围内。为了一致性，我会使用与数据库其余部分相同的字符集。

I'm creating hashed passwords using salted sha1 in PHP.

My question is: In MySQL what is the proper character encoding, field type & length to store the result?

Is there anything else in MySQL to consider for password security? Finally are SHA256 or SHA512 practical hashing choices?

解决方案

For a SHA1 hash, CHAR(40) would be the optimal field type and length. Character encoding shouldn't matter much, all the characters are within the ASCII range. I'd go with the same character set as the rest of your database for consistency.

这篇关于在MySQL中存储散列密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！