dsj8000 2012-02-02 07:06
浏览 69
已采纳

在mysql数据库中保护用户密码的最佳方法? [关闭]

I'm trying to find the best way to secure user passwords in a mysql database (hashing/encryption wise). I was which method was the most secure and hardest to crack. I am not very experience in the realm of encryption/hashing etc. Currently I am using a very unsecure method of doing this sort of encryption:

$encrypted_password = strrev(base64_encode($password));

I know that isn't the best way to do it, but like I said, I'm new. Could anyone point my in the right direction?

Thanks.

  • 写回答

10条回答 默认 最新

  • doulupian8725 2012-02-02 07:14
    关注

    Edit: You should take a look at hash_hmac(). I think it's a better approach than just salting.

    You can use sha1 and a salt:

    $salt = "some random string";
$encrypted_password = sha1($salt.$password);

    You add the salt to make it harder to use rainbow tables in case somebody manages to get the encrypted password list.

    You could use any one-way hashing method (I just like sha1), but it's always better to salt it before hashing.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(9条)

报告相同问题?

悬赏问题

  • ¥23 (标签-bug|关键词-密码错误加密)
  • ¥66 比特币地址如何生成taproot地址
  • ¥20 数学建模数学建模需要
  • ¥15 关于#lua#的问题,请各位专家解答!
  • ¥15 什么设备可以研究OFDM的60GHz毫米波信道模型
  • ¥15 不知道是该怎么引用多个函数片段
  • ¥30 关于用python写支付宝扫码付异步通知收不到的问题
  • ¥15 隐藏系统界面pdf的打印、下载按钮
  • ¥15 基于pso参数优化的LightGBM分类模型
  • ¥15 安装Paddleocr时报错无法解决