最安全的LAMP加密方法 [英] Safest LAMP encrypt method
问题描述
PHP与MySQL一起使用时,最安全的加密/解密方法是什么-假设存储密码?
what is PHP's safest encrypt/decrypt method, in use with MySQL - to store let's say passwords?
当然,不是出于门户目的-哈希是其中最安全的选择.
我想为整个团队在线存储很少的密码(域/mysql/ftp ...),因此我们可以登录并检查密码,但是我真的不想危害客户的业务.出于某些明显的原因,不能使用哈希-在登录后,我们需要以可读的形式重新获得密码-(每次:D都没有必要运行彩虹表.)
I want to do little password (domain/mysql/ftp...) storage for our whole team online, so we could log in and check to passwords, but I don't want really to endanger our clients' bussinesses. Hash can't be used for obvious reasons - we need to get the passwords in readable form back, after logging in - (Doesn't really make sense to run rainbow tables every time :D).
有什么主意吗?
到目前为止,只有mysql级的AES
.您是否认为任何事情会更好/更安全,或者您有使用第三方开放源代码的经验?
so far, there was just mysql-level AES
. Do you think anything would be better/safer or do you have any experience with 3rd party open source code?
推荐答案
如果要加密和解密,则不妨考虑使用MySQL的内置AES加密.这使您可以使用盐(每个项目甚至是随机盐),然后将加密的数据存储为二进制斑点.然后,您可以获取盐或使用存储的盐,然后解密数据.
If you want encrypt and decrypt then you may wish to consider MySQL's built-in AES encryption. This allows you to use a salt (even a random salt for each item) and then store the encrypted data as a binary blob. You can then fetch the salt or use a stored one, and decrypt the data.
此处提供了有关AES加密/解密的很好的指南: http://techpad. co.uk/content.php?sid=82
There's a good tutorial on AES encyrption/decryption here: http://techpad.co.uk/content.php?sid=82
这篇关于最安全的LAMP加密方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!