Best practice: the most secure way to store passwords in a table?

Time: 2021-09-19 16:57:20

I am using PHP. I used to use the native MySQL function PASSWORD() to store passwords. I was told that PASSWORD() is not safe anymore. What would be the best method to store passwords in PHP? Is it MD5?

6 answers

#1

24

Updated Answer 2016:

The winner of the PHC (Password Hashing Competition) was Argon2. Hashing passwords with Argon2 is the best practice as of 2016.

PHC ran from 2013 to 2015 as an open competition—the same kind of process as NIST's AES and SHA-3 competitions, and the most effective way to develop a crypto standard. We received 24 candidates, including many excellent designs, and selected one winner, Argon2, an algorithm designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from University of Luxembourg.

We recommend that you use Argon2 rather than legacy algorithms.

The reference implementation is available on GitHub.

Updated Answer 2012:

The original answer I gave below was once considered to be a best practice. However, advances in hash-computing technology have rendered these schemes vulnerable. Going forward, the only secure password hashing schemes are iterative hashes such as bcrypt and PBKDF2. For a full discussion, see Jeff Atwood's analysis.

Original Answer 2009:

I recommend first prepending a salt value to your password, followed by hashing the resultant string with a reasonably strong hashing function like SHA256. This secures against the obvious (plain text passwords) and the not so obvious (attack using Rainbow tables).

Keep in mind that if you store passwords in this way, you will not be able to retrieve a user's lost password. They'll only be able to reset passwords. This is because you'll be using a one-way hash. But this limitation is generally worth the tradeoff for a more secure password storage system. Even if your database is compromised, your users' passwords will still be exceedingly difficult and probably impractical for a would-be attacker to recover.
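What the 2016 update amounts to in PHP, as an added example that is not part of the answer above: password_hash() with PASSWORD_ARGON2ID, plus a login path that still verifies rows written by MySQL's PASSWORD() (the scheme the question mentions) and rewrites them as Argon2id on the user's next successful login. It assumes PHP 7.3 or later built with Argon2 support (otherwise it falls back to bcrypt via PASSWORD_DEFAULT rather than to a plain hash), and only handles the 41-character 4.1+ format of PASSWORD(), not the old 16-character one. The cost parameters, function names and the sample row are mine; the sample row is MySQL's PASSWORD('password').

```php
<?php
declare(strict_types=1);

// Argon2id cost parameters (assumed values, tune for your login servers so one hash
// takes a noticeable fraction of a second). memory_cost is in KiB.
const ARGON2_OPTIONS = [
    'memory_cost' => 64 * 1024, // 64 MiB
    'time_cost'   => 3,
    'threads'     => 1,
];

// PASSWORD_ARGON2ID is only defined when PHP has Argon2 (libargon2 or, from 7.4, libsodium).
// Constant type differs between PHP versions (int in 7.3, string later), so no return type.
function hashAlgo()
{
    return defined('PASSWORD_ARGON2ID') ? PASSWORD_ARGON2ID : PASSWORD_DEFAULT;
}

function hashOptions(): array
{
    // bcrypt fallback: cost 12 is the assumed value; note bcrypt only uses the first 72 bytes.
    return defined('PASSWORD_ARGON2ID') ? ARGON2_OPTIONS : ['cost' => 12];
}

function hashPassword(string $password): string
{
    // password_hash() draws a random salt itself and encodes algorithm, parameters and
    // salt into the returned string, so a single VARCHAR(255) column holds everything.
    $hash = password_hash($password, hashAlgo(), hashOptions());
    if (!is_string($hash)) {
        throw new RuntimeException('password hashing failed');
    }
    return $hash;
}

// MySQL's PASSWORD() for 4.1+ rows: '*' followed by UPPER(HEX(SHA1(SHA1(pw)))).
// Reimplemented here so login can check old rows without calling MySQL's function.
function legacyMysqlPassword(string $password): string
{
    return '*' . strtoupper(sha1(sha1($password, true)));
}

function isLegacyHash(string $stored): bool
{
    return strlen($stored) === 41 && $stored[0] === '*';
}

/**
 * Verify $password against whatever is stored and return [ok, replacementHash].
 * replacementHash is non-null when the row must be rewritten (legacy scheme, or Argon2
 * parameters that are now below ARGON2_OPTIONS); persist it in the same request.
 */
function verifyPassword(string $password, string $stored): array
{
    if (isLegacyHash($stored)) {
        $ok = hash_equals($stored, legacyMysqlPassword($password));
        return [$ok, $ok ? hashPassword($password) : null];
    }
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    $replacement = password_needs_rehash($stored, hashAlgo(), hashOptions())
        ? hashPassword($password)
        : null;
    return [true, $replacement];
}

// Constructed demo row: what MySQL stored for PASSWORD('password').
$legacyRow = '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19';

// First login after the migration: legacy row verifies and comes back upgraded.
[$ok, $upgraded] = verifyPassword('password', $legacyRow);
if (!$ok || $upgraded === null || isLegacyHash($upgraded)) {
    throw new RuntimeException('legacy row should verify and be upgraded');
}

// Second login: the new hash verifies and needs no further rewrite.
[$ok2, $again] = verifyPassword('password', $upgraded);
if (!$ok2 || $again !== null) {
    throw new RuntimeException('upgraded row should verify without another rehash');
}

// Wrong password (case differs) is rejected on both formats.
[$bad1] = verifyPassword('Password', $legacyRow);
[$bad2] = verifyPassword('Password', $upgraded);
if ($bad1 || $bad2) {
    throw new RuntimeException('wrong password must not verify');
}

echo "stored format after migration: ", substr($upgraded, 0, 9), "...", PHP_EOL;
```

Write the replacement hash back with a prepared statement (for example PDO with a bound parameter) in the same request that verified it, and keep the legacy branch only until no '*'-prefixed rows remain, at which point it should be deleted so an attacker who can write to the table cannot downgrade a user to the fast scheme.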

#2

4

bcrypt is actually more secure. See: Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes

#3

2

You need to salt the password.

vBulletin does a pretty good job at storing passwords. md5(md5($password) . $salt);

#4

2

To argue with the other answer, vBulletin does a horrid job of hashing passwords. Their salt is only 3 characters long, only fractionally increasing the security of your application.

Check out http://www.openwall.com/phpass/ . They do an excellent job of using a long hash, unique to each password, and running the password through md5 thousands of times. It is one of the best hashing systems for PHP out there.

#5

0

If you can avoid storing the user's password, that's your best option, imo. Use OpenId (like *) to authenticate the user. Or Live Authentication (http://dev.live.com/liveid/). If you really, really need to authenticate the users yourself, do what Asaph says in his answer. :)

#6

0

Salt and hash.

We typically use a random guid as the salt and then SHA512 to hash.
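The disagreement between answers #3, #4 and #6 comes down to what a salt does and does not buy you, so here is an offline dictionary attack run against the three constructions those answers describe: vBulletin's md5(md5(p) . salt) with a 3-character salt, a single SHA-512 over a GUID salt and the password, and a phpass-style iterated hash. This is an added example, not code from any of the answers or from vBulletin or phpass; the iterated function is a simplified illustration of the idea, not phpass's actual construction. It assumes PHP 7.3 or later (for hrtime()); the function names, the wordlist, the salts and the "stolen" rows are all constructed for the demo.

```php
<?php
declare(strict_types=1);

// vBulletin-style scheme from answers #3/#4: md5(md5(password) . salt), 3-character salt.
function vbHash(string $password, string $salt): string
{
    return md5(md5($password) . $salt);
}

// Answer #6's scheme: a GUID as salt, one SHA-512 pass.
function sha512Hash(string $password, string $salt): string
{
    return hash('sha512', $salt . $password);
}

// Iterated hash in the spirit of phpass (answer #4): the same cheap primitive, run
// thousands of times so each guess costs the attacker thousands of md5 calls.
function iteratedHash(string $password, string $salt, int $rounds = 8192): string
{
    $h = md5($salt . $password, true);
    for ($i = 0; $i < $rounds; $i++) {
        $h = md5($h . $password, true);
    }
    return bin2hex($h);
}

// Offline dictionary attack. The attacker holds the stolen table, so the salt is known;
// a rainbow table is useless, but every candidate still costs exactly one hash.
function crack(callable $scheme, string $salt, string $target, array $wordlist): ?string
{
    foreach ($wordlist as $candidate) {
        if (hash_equals($target, $scheme($candidate, $salt))) {
            return $candidate;
        }
    }
    return null;
}

// Guesses per second a single PHP process achieves against a scheme (GPU rigs are far faster).
function guessesPerSecond(callable $scheme, string $salt, int $n): float
{
    $start = hrtime(true);
    for ($i = 0; $i < $n; $i++) {
        $scheme("candidate$i", $salt);
    }
    return $n / ((hrtime(true) - $start) / 1e9);
}

// Constructed sample data: a tiny wordlist and one "stolen" row per scheme.
$wordlist = ['123456', 'letmein', 'Summer2021', 'correcthorse', 'P@ssw0rd', 'hunter2'];
$vbSalt   = 'a7Q';                                  // vBulletin-length salt
$guidSalt = '5f3c2d1e-9b4a-4c8d-8e7f-0a1b2c3d4e5f';  // fixed here, random in a real system
$secret   = 'hunter2';

$rows = [
    'vBulletin md5(md5(p).salt)' => ['vbHash',       $vbSalt,   vbHash($secret, $vbSalt),       20000],
    'sha512(guid . p)'           => ['sha512Hash',   $guidSalt, sha512Hash($secret, $guidSalt), 20000],
    'iterated md5, 8192 rounds'  => ['iteratedHash', $guidSalt, iteratedHash($secret, $guidSalt), 200],
];

foreach ($rows as $name => [$scheme, $salt, $stored, $benchGuesses]) {
    $found = crack($scheme, $salt, $stored, $wordlist);
    if ($found !== $secret) {
        throw new RuntimeException("$name: the dictionary attack should have recovered the password");
    }
    printf("%-28s recovered '%s'; attacker rate ~%.0f guesses/s\n",
        $name, $found, guessesPerSecond($scheme, $salt, $benchGuesses));
}
```

All three rows fall to the wordlist, because a salt only stops precomputation and cross-user batching; it does nothing about how cheap each guess is. The printed rates make answer #4's point: the two single-pass schemes are tried at the speed of one md5 or sha512 call, while the iterated one is thousands of times slower per guess, which is the property bcrypt, PBKDF2 and Argon2 are built around. The 3-character vBulletin salt has so few possible values that precomputing tables per salt is also within reach, which is why answer #4 calls it only a fractional improvement.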
