dongxianshuai8927
2012-08-08 18:44
浏览 183
已采纳

密码哈希应该以二进制或十六进制数存储吗?

I usually store it in hexadecimal number but realize I could save half of the space if I store it in binary inside MySQL. Are there any issues I should be aware of if I decide to store it in binary?

图片转代码服务由CSDN问答提供 功能建议

我通常将它存储在十六进制数字中,但是如果我将它存储在MySQL内的二进制文件中,我可以节省一半的空间 。 如果我决定将它存储在二进制文件中,是否有任何问题需要注意?

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • douhuan6157 2012-08-08 18:46
    已采纳

    How many passwords are you expecting to store? Does half the space mean that much to you really?

    You are probably representing the passwords in hexadecimal form in your application, so storing them in binary adds another layer of complexity and processing overhead when you perform any operations on those passwords.

    My opinion is that you should store them in a way that is convenient for you to work with, rather than one that saves you tiny amounts of space.

    Edit:

    Going to make some assumptions and take the opportunity to help you a little further.

    Since your passwords are in hex, I'm going to assume you're not using crypt, and if you're not, you should be. Worst case scenario, you're using md5... and god is killing kittens.

    There's a lot of questions and answers about bcrypt on stack overflow already, so I'll not cover the information again here.

    The question SHA512 vs. Blowfish and Bcrypt is a good place to start though.

    Also have a read of a couple of @ircmaxell's blog posts on the subject:

    已采纳该答案
    评论
    解决 无用
    打赏 举报
  • donglang6656 2012-08-08 18:48

    From a usability standpoint, it's probably best to store the hash as a hexadecimal. Storing them in binary means one more step is required to compare a plain text input to the stored password. It also has the potential to add a layer of confusion to anyone who make work on your project after you've moved on. "Why is this password stored in binary?"

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题