What would be the safest way to encrypt passwords in MySQL? And the easiest?
I am using a MySQL database. With the removal of the PASSWORD function, I would like to know another way to encrypt.
The MD5 and AES functions should be considered. The choice between the two encryptions depends on your need.
MD5 is one of the best known; however, if at some point you need to revert it for some reason, it will not be possible.
AES is my favorite encryption in this case because you have the AES_ENCRYPT and AES_DECRYPT functions, so you can revert the password (using the key) if you need it.
More details can be found here: link
Now, actually answering your question... AES encryption uses a pre-set value of 128 bits and can only be reversed through the key. The MD5 cryptography uses a 32-digit hexadecimal value. I have heard that both have already been broken, so I think they are on an equal footing.
And about ease of use, both are very simple.
INSERT INTO usuarios (login, senha) VALUES ('usuario_1', MD5('abc123'));
INSERT INTO usuarios (login, senha) VALUES ('usuario_2', AES_ENCRYPT('abc123', 'chave'));
I believe the best option would be to let the database just store the information, that is, have it arrive already encrypted by the application.
Another alternative is to use the PASSWORD() function to encrypt passwords when saving:
insert into tabela(campo) values(password('minha senha'));
Here's an example: sqlfiddle.com
Reference: MySql password hashing
EDIT: As pointed out by @FabioC, the PASSWORD function has been deprecated since version 8.0.11. You can use other encryption functions such as SHA().