Are ENCODE() and DECODE() the "best" way to handle an application password field in MySQL?
I am developing on a LAMP stack (Perl) and know several ways to store hidden passwords. I would love to hear from those who think they have the best practice given MySQL 4.1.1 and Perl 5.8, and the reasons why this is the best.
One of the options I read about, using the MySQL ENCODE() and DECODE() functions, sounds pretty good to me ... your thoughts?
I think a salted hash with a proper hash function like SHA-256 is the best. Passwords that are reversible are not as secure as those that cannot be reversed. Without the Perl external module, you can use the built-in SHA1() function instead; not as good as SHA-256, but better than ENCODE/DECODE.
Also, you need to consider a sniffable path from your code to the database. You can avoid this risk by hashing in your code or by encrypting your database connection. It is best to do this in code, because even with encryption of the connection, there is still a risk that query logging will be configured and the plaintext will be stored somewhere in a log file.
Generally, I prefer storing passwords as hashes that cannot be recovered rather than encrypted items that can be decrypted.
By calculating the hash from the string provided by the visitor (of course), I can determine whether the user has provided the same password twice, without the security risk of allowing my application to decrypt the provided password, possibly maliciously.
I mean, encode() and decode() are probably good solutions when you want to recover data, but one-way hashes (using Crypt::MD5) are the best approach for storing passwords.
Ok, since there is a DECODE() function, I would say no, for the simple fact that you probably want to store the password in a hashed form, so that anyone who gets hold of your database / password file cannot simply read the passwords.
I would recommend going with the classic salted hash method.
Some applications require the user's password to be recoverable, rather than a system in which the user's password is simply reset if forgotten (because it cannot be decrypted, since you are using a hash). In this case, encoding and decoding is fine, but why not use the built-in functions AES_ENCRYPT and AES_DECRYPT?
Also, stick to the suggestion to use a salt value, whether you hash or encrypt. It is useful in both scenarios.
I'm not sure what these functions do, but for the passwords on a LAMP stack website, I would definitely use a salted field.
Your user table will have:
- name
- pass
- salt
The plaintext password is then hashed using some hash function over the concatenation of the plaintext password and the salt. This result goes into the pass field. The salt is also stored. This way you can check plaintext passwords when the user logs in. The salt can be anything; the longer and more random the better, but I don't think it's sensitive.
This greatly improves security, as now your users no longer use 5-letter passwords, they use 5 + len(salt) passwords, and if the salt is large enough, no rainbow database will ever contain your hashes.
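The salted-hash scheme the answers above describe (hash computed in application code rather than in the database, a per-user salt stored beside the digest in a name / pass / salt table, verification by recomputing the hash at login), as an added illustration that is not part of the original thread and not anyone's posted code. It uses Python's standard library instead of the Perl stack the question names; the function names `new_salt`, `hash_password`, `make_user_record` and `verify_password`, the column names and the sample users are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets


def new_salt(nbytes: int = 16) -> str:
    """Random per-user salt, hex-encoded so it fits a plain CHAR/VARCHAR column."""
    # secrets (not random) so the salt is unpredictable; 16 bytes -> 32 hex chars.
    return secrets.token_hex(nbytes)


def hash_password(password: str, salt: str) -> str:
    """SHA-256 over salt || password, as the answers describe; the hex digest is what
    goes into the `pass` column (assumed column name)."""
    return hashlib.sha256((salt + password).encode("utf-8")).hexdigest()


def make_user_record(name: str, password: str) -> dict:
    """Build the row for the assumed name / pass / salt table. Hashing happens here,
    in application code, so the plaintext never travels to the database or its query log."""
    salt = new_salt()
    return {"name": name, "pass": hash_password(password, salt), "salt": salt}


def verify_password(record: dict, candidate: str) -> bool:
    """Login check: recompute the hash with the stored salt and compare digests.
    compare_digest avoids leaking timing information about how many bytes matched."""
    return hmac.compare_digest(record["pass"], hash_password(candidate, record["salt"]))


if __name__ == "__main__":
    # Constructed sample users; note both chose the same (weak) password.
    users = [make_user_record("alice", "hunter2"), make_user_record("bob", "hunter2")]
    for u in users:
        print(u["name"], u["salt"], u["pass"])
    # Different salts give different stored hashes for the same password, so a
    # precomputed (rainbow) table of unsalted SHA-256 digests does not match either row.
    assert users[0]["pass"] != users[1]["pass"]
    assert verify_password(users[0], "hunter2") and not verify_password(users[0], "Hunter2")
```

With a 32-character hex salt the `pass` column is a 64-character hex string, so CHAR(64) and CHAR(32) columns hold them; nothing reversible is stored, which is the point the hashed-versus-encoded answers make. A single SHA-256 is what the thread recommends; a practitioner today would reach for an iterated construction such as `hashlib.pbkdf2_hmac` in the same slot, which changes only `hash_password`.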