| shimmyshack 2007-03-30, 6:59 pm |
| On Mar 30, 4:32 pm, Christian Aigner <Christian.Aig...@gmx.net> wrote:
> ENCRYPT()
> PASSWORD()
> MD5()
> SHA1()
>
> Welche dieser Funktionen sollte ich verwenden, um Passw=F6rter in einer
> Datenbank zu speichern? Welche Vor- und Nachteile haben die einzelnen
> Funktionen?
>
> TIA,
> Christian
ENCRYPT() is a two way encryption/decryption function so you don't
need this unless you will be decrypting as well - which normally you
don't do when storing passwords in a database.
PASSWORD(), MD5(), SHA1() are one way hashes, so choose from these
:) mysql: PASSWORD() - it has changed over time.
MD5 and SHA1 are older and less strong than easily used SHA256 and
SHA-512 etc... so why not use SHA-256, SHA-384, SHA-512 etc..
<?php print_r(hash_algos()); ?>
use the strongest one you feel comfortable with. (they are all strong
enough for most practical purposes)
|