在 MySQL 中存储散列密码

2022-01-22 00:00:00 hash passwords mysql

我正在使用 PHP 中的 salted sha1 创建散列密码.

I'm creating hashed passwords using salted sha1 in PHP.

我的问题是:在 MySQL 中,什么是正确的字符编码、字段类型 &存储结果的长度?

My question is: In MySQL what is the proper character encoding, field type & length to store the result?

MySQL 中是否还有其他需要考虑的密码安全性?最后是 SHA256 或 SHA512 实用的哈希选择吗?

Is there anything else in MySQL to consider for password security? Finally are SHA256 or SHA512 practical hashing choices?

推荐答案

对于 SHA1 哈希,CHAR(40) 将是最佳的字段类型和长度.字符编码无关紧要,所有字符都在 ASCII 范围内.为了保持一致性,我会使用与数据库其余部分相同的字符集.

For a SHA1 hash, CHAR(40) would be the optimal field type and length. Character encoding shouldn't matter much, all the characters are within the ASCII range. I'd go with the same character set as the rest of your database for consistency.

相关文章