Recently saw many well-known online Web sites have been the issue of password leaks, and then we now do some of the registration and login and other aspects of database information related to the content.
If we generally do the registration page, the user registration password into the database, general recommendations do not simply save the password, because such security is absolutely the lowest, if you do not want to let others simply get our password, it is necessary to do a little bit on the password, such as our most common is MD5 encryption, Because MD5 is irreversible, this time there may be a lot of people say, we have a lot of internet MD5 decrypt the website, put the password in not just good?
Although the site above MD5 decrypt the decryption query data is amazing, but if we MD5 on the basis of another encryption once or many times, that even if there are intruders to steal, it may not be able to pass the user's password to detect, and then if we MD5 encryption based on the encryption of the MD5 32 bits, Pull out the number of the previous or the last few to splice the password in any position above, then, I believe that the security of the password will greatly improve a few levels. Moreover, do similar registration page or other such pages, the use of regular to verify, can effectively control, users fill in the password not too simple, such as can not be pure numbers, can not have special symbols, etc., or require a mix of numbers and English text composition.
The above is only a few small methods, of course, if there are great gods have more good ways to improve the security of passwords, hope to share the exchange!
About security issues with passwords