在 MySQL 中存储散列密码 [英] Storing hashed passwords in MySQL

问题描述

我正在使用 PHP 中的 salted sha1 创建散列密码.

I'm creating hashed passwords using salted sha1 in PHP.

我的问题是:在 MySQL 中，什么是正确的字符编码、字段类型 &存储结果的长度?

My question is: In MySQL what is the proper character encoding, field type & length to store the result?

MySQL 中是否还有其他需要考虑的密码安全性?最后是 SHA256 或 SHA512 实用的哈希选择吗?

Is there anything else in MySQL to consider for password security? Finally are SHA256 or SHA512 practical hashing choices?

推荐答案

对于 SHA1 哈希，CHAR(40) 将是最佳的字段类型和长度.字符编码无关紧要，所有字符都在 ASCII 范围内.为了保持一致性，我会使用与数据库其余部分相同的字符集.

For a SHA1 hash, CHAR(40) would be the optimal field type and length. Character encoding shouldn't matter much, all the characters are within the ASCII range. I'd go with the same character set as the rest of your database for consistency.

这篇关于在 MySQL 中存储散列密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！