最安全的LAMP加密方法 [英] Safest LAMP encrypt method

问题描述

PHP与MySQL一起使用时，最安全的加密/解密方法是什么-假设存储密码?

what is PHP's safest encrypt/decrypt method, in use with MySQL - to store let's say passwords?

当然，不是出于门户目的-哈希是其中最安全的选择.

我想为整个团队在线存储很少的密码(域/mysql/ftp ...)，因此我们可以登录并检查密码，但是我真的不想危害客户的业务.出于某些明显的原因，不能使用哈希-在登录后，我们需要以可读的形式重新获得密码-(每次:D都没有必要运行彩虹表.)

I want to do little password (domain/mysql/ftp...) storage for our whole team online, so we could log in and check to passwords, but I don't want really to endanger our clients' bussinesses. Hash can't be used for obvious reasons - we need to get the passwords in readable form back, after logging in - (Doesn't really make sense to run rainbow tables every time :D).

有什么主意吗?

到目前为止，只有mysql级的AES.您是否认为任何事情会更好/更安全，或者您有使用第三方开放源代码的经验?

so far, there was just mysql-level AES. Do you think anything would be better/safer or do you have any experience with 3rd party open source code?

推荐答案

如果要加密和解密，则不妨考虑使用MySQL的内置AES加密.这使您可以使用盐(每个项目甚至是随机盐)，然后将加密的数据存储为二进制斑点.然后，您可以获取盐或使用存储的盐，然后解密数据.

If you want encrypt and decrypt then you may wish to consider MySQL's built-in AES encryption. This allows you to use a salt (even a random salt for each item) and then store the encrypted data as a binary blob. You can then fetch the salt or use a stored one, and decrypt the data.

此处提供了有关AES加密/解密的很好的指南: http://techpad. co.uk/content.php?sid=82

There's a good tutorial on AES encyrption/decryption here: http://techpad.co.uk/content.php?sid=82

这篇关于最安全的LAMP加密方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！