dqyin0101 2012-01-07 15:59
浏览 22
已采纳

在安全代码中需要不同的字符

Example security code:

a35sfj9ksdf

How can I ask a user for several characters (e.g. first, forth and ninth) of their security code and then check these? The main difficulty comes in how do I store the seucurity code in an encrypted form - if I were to store each character individually, then the encryption would be incredibly easy to break.

  • 写回答

3条回答 默认 最新

  • dscojuxf69080 2012-01-07 16:22
    关注

    A possibility that was described neither here nor at How to store and verify digits chosen at random from a PIN/Password is this:

    • Create a random salt of the same length as the seucrity code (here 11)
    • Store the salt with the user
    • for every char of the security code, replace the corresponding char of the salt with the char from the security code and hash it securely
    • store these hashes with the user

    Now you have to store the manageable quantity of n+1 fields for a security code of length n and can still verify single (position,char) tuples

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 linux驱动,linux应用,多线程
  • ¥20 我要一个分身加定位两个功能的安卓app
  • ¥15 基于FOC驱动器,如何实现卡丁车下坡无阻力的遛坡的效果
  • ¥15 IAR程序莫名变量多重定义
  • ¥15 (标签-UDP|关键词-client)
  • ¥15 关于库卡officelite无法与虚拟机通讯的问题
  • ¥15 目标检测项目无法读取视频
  • ¥15 GEO datasets中基因芯片数据仅仅提供了normalized signal如何进行差异分析
  • ¥100 求采集电商背景音乐的方法
  • ¥15 数学建模竞赛求指导帮助