dsj8000 2012-02-02 07:06
浏览 69
已采纳

在mysql数据库中保护用户密码的最佳方法? [关闭]

I'm trying to find the best way to secure user passwords in a mysql database (hashing/encryption wise). I was which method was the most secure and hardest to crack. I am not very experience in the realm of encryption/hashing etc. Currently I am using a very unsecure method of doing this sort of encryption:

$encrypted_password = strrev(base64_encode($password));

I know that isn't the best way to do it, but like I said, I'm new. Could anyone point my in the right direction?

Thanks.

  • 写回答

10条回答 默认 最新

  • doulupian8725 2012-02-02 07:14
    关注

    Edit: You should take a look at hash_hmac(). I think it's a better approach than just salting.

    You can use sha1 and a salt:

    $salt = "some random string";
$encrypted_password = sha1($salt.$password);

    You add the salt to make it harder to use rainbow tables in case somebody manages to get the encrypted password list.

    You could use any one-way hashing method (I just like sha1), but it's always better to salt it before hashing.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(9条)

报告相同问题?

悬赏问题

  • ¥15 Vue3 大型图片数据拖动排序
  • ¥15 划分vlan后不通了
  • ¥15 GDI处理通道视频时总是带有白色锯齿
  • ¥20 用雷电模拟器安装百达屋apk一直闪退
  • ¥15 算能科技20240506咨询(拒绝大模型回答)
  • ¥15 自适应 AR 模型 参数估计Matlab程序
  • ¥100 角动量包络面如何用MATLAB绘制
  • ¥15 merge函数占用内存过大
  • ¥15 使用EMD去噪处理RML2016数据集时候的原理
  • ¥15 神经网络预测均方误差很小 但是图像上看着差别太大