Are ENCODE() and DECODE() the "best" way to handle application password field in MySQL?

I am developing on a LAMP stack (Perl) and know several ways to store hidden passwords. I would love to hear from those who think they have the best practice given MySQL 4.1.1 and Perl 5.8 and the reasons why this is the best.

One of the options I read using the MySQL ENCODE() and DECODE() functions sounds pretty good to me ... your thoughts?

+1




7 replies


I think a salted hash with a proper hash function like SHA-256 is the best. Passwords that are reversible are not as secure as those that cannot be reversed. Without the Perl external module, you can use the built-in SHA1() function instead, not as good as SHA-256, but better than ENCODE / DECODE.



Also, you need to consider a sniffable path from your code to the database. You can avoid this risk by hashing your code or encrypting your database connection. It is best to do this in code, because even with encryption of the connection, there is still a risk that the query logs will be configured and the plaintext will be stored somewhere in the log file.

+6




Generally, I prefer storing passwords as hashes that cannot be recovered rather than encrypted items that can be decrypted.

By calculating the hash from the string provided by the visitor (of course, of course), I can determine if the user has provided the same password twice without a security risk, allowing my application to decrypt the provided password, possibly maliciously.



I mean, encode() and decode() are probably good solutions when you want to recover data, but these fatal hashes (using Crypt::MD5) are the best approach for storing passwords.

+8




If you only need the password for user / user authentication, it is better to keep one-way storage (like md5).

+5




Ok, since there is a function DECODE(), I would say no, for the simple fact that you probably want to store the password in a hashed form so that no one else who gets your database / password file can just read the passwords.

I would recommend going with the classic salted hash method.

+3




Some applications require the user's password to be recovered, not a system in which the user's password is randomly reset something if forgotten (because it cannot be decrypted because you are using a hash). In this case, encoding and decoding is fine, but why not use the built-in functions AES_ENCRYPT and AES_DECRYPT?

Also, stick to the suggestion to use a salt value, be it hash or encryption. This is useful in both scenarios.

+3




I'm not sure what these functions do, but for the passwords on the LAMP stack website, I would definitely use a salted field.

Your user table will have:

  • name
  • pass
  • salt

The plaintext password is then encoded using some kind of hashing function while concatenating the plaintext password and the salt. This result goes into the pass field. The salt is also stored. This way you can check plaintext passwords when the user logs in. The salt can be anything, the longer and more random the better, but I don't think it's sensitive.

This greatly improves security as now your users no longer use 5 letter passwords, they use 5 + len(salt) passwords, and if the salt is large enough, no rainbow database will ever contain your hashes.

+1


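The name / pass / salt table and the hash(salt + password) check described in the answer above, as an added example that is not code from the original thread; it uses Python's hashlib rather than the Perl/MySQL stack the question is about, keeps the "table" as an in-memory dict, and the user names, passwords and fixed test salt are constructed values.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# One "row" per user: the hex digest of salt || password, plus the salt (hex).
UserTable = Dict[str, Dict[str, str]]


def hash_password(password: str, salt: bytes) -> str:
    """Return the hex SHA-256 of salt concatenated with the plaintext password."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def register(users: UserTable, name: str, password: str,
             salt: Optional[bytes] = None) -> None:
    """Store a fresh per-user salt and the salted hash; never the plaintext."""
    if salt is None:
        salt = os.urandom(16)  # 128 random bits, unique per user
    users[name] = {"pass": hash_password(password, salt), "salt": salt.hex()}


def verify(users: UserTable, name: str, candidate: str) -> bool:
    """Recompute the salted hash of the candidate and compare in constant time."""
    row = users.get(name)
    if row is None:
        # Hash anyway so an unknown name takes about as long as a wrong password.
        hash_password(candidate, b"\x00" * 16)
        return False
    salt = bytes.fromhex(row["salt"])
    return hmac.compare_digest(hash_password(candidate, salt), row["pass"])


if __name__ == "__main__":
    table: UserTable = {}
    register(table, "alice", "hunter2")  # constructed sample user
    print(table["alice"])                # salted hash and salt, no plaintext
    print(verify(table, "alice", "hunter2"), verify(table, "alice", "guess"))
```

SHA-256 is fast by design; a deliberately slow password hash such as PBKDF2 (also in hashlib) or bcrypt makes offline guessing against a leaked table far more expensive than a single salted digest does.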


If you can decrypt your password, your security will be compromised. You should always hash the password with a salt, MD5 is popular but there are excellent hashing like SHA and SHA-256.

0



