When establishing database schema for password management, deciding on the appropriate data type and length for hashed passwords is crucial. This decision hinges on the chosen hashing algorithm.
Hash Algorithm and Length
Hash functions produce fixed-length results regardless of the input's size. Hash values are often represented as hexadecimal strings, which vary in length based on the algorithm used:
Data Type Considerations
The appropriate data type for storing hashed passwords depends on the specific hash algorithm:
Specific Recommendations
For password hashing, it's not recommended to use direct hash functions but rather key-strengthening algorithms like Bcrypt or Argon2i. These algorithms generate hashed passwords of varying lengths typically represented using CHAR(60).
Additional Considerations
While it's possible to store hashed passwords as strings of hexadecimal digits, it's not recommended because it makes unhexing them easier. Additionally, it's emphasized that using simple hash functions is inadequate for secure password storage. NIST recommends SHA-256 or higher for most applications but discourages their use for password hashing.
The above is the detailed content of What Data Type and Length Should I Use for Storing Hashed Passwords in My Database?. For more information, please follow other related articles on the PHP Chinese website!
How to return to the homepage from an html subpage
The role of pycharm
How to solve error1
Introduction to shortcut keys for minimizing windows windows
Detailed explanation of oracle substr function usage
What platform is Kuai Tuan Tuan?
WiFi is connected but there is an exclamation mark
How to open mdf file
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
