I am using SimpleCrypto.Net to encrypt my passwords, which i understands uses PBKDF2 and a specified salt and number of iterations. I would like to know what's the most appropriate data type for me to set the password column to in the database.
我用SimpleCrypto。Net加密我的密码,我知道它使用PBKDF2和指定的salt和迭代次数。我想知道在数据库中设置密码列最合适的数据类型是什么。
1 个解决方案
#1
3
From looking at the code the result is a base64 encoded key of 64 bytes. Considering base64 is made up of ASCII characters I would recommend storing it as CHAR(88)
or to be on the safe side you could go with VARCHAR(MAX)
. However, as the key size is fixed at 64 bytes the length of the result should never change (even if your salt/iterations are changed).
从代码来看,结果是一个64字节的base64编码密钥。考虑到base64是由ASCII字符组成的,我建议将它存储为CHAR(88),或者为了安全起见,您可以使用VARCHAR(MAX)。但是,由于键大小是固定在64字节的,所以结果的长度不应该改变(即使您的盐/迭代发生了变化)。
#1
3
From looking at the code the result is a base64 encoded key of 64 bytes. Considering base64 is made up of ASCII characters I would recommend storing it as CHAR(88)
or to be on the safe side you could go with VARCHAR(MAX)
. However, as the key size is fixed at 64 bytes the length of the result should never change (even if your salt/iterations are changed).
从代码来看,结果是一个64字节的base64编码密钥。考虑到base64是由ASCII字符组成的,我建议将它存储为CHAR(88),或者为了安全起见,您可以使用VARCHAR(MAX)。但是,由于键大小是固定在64字节的,所以结果的长度不应该改变(即使您的盐/迭代发生了变化)。