Hash encryption in MySQL database

Source: Internet
Author: User
Tags md5 md5 encryption

Database security is the most important link in the database, only to ensure the security of data in the database, to better play the function of the database, this article will introduce a good database encryption method, that is, hash encryption.

Introduction : MySQL database encryption method has many kinds, different encryption methods correspond to different situations, this article introduces the database encryption method---- Hash encryption , the database stored sensitive data has a good database protection.

Hash encryption

If your database holds sensitive data, such as bank card passwords, customer information, and so on, you may want to store this data in encrypted form in a database. So even if someone enters your database and sees the data, it's hard to get the real information.

In the vast amount of information in the application, perhaps you only want to make a small part of the encryption, such as the user's password. These passwords should not be stored in clear text, they should be stored in the database in an encrypted form. In general, most systems, including MySQL itself, use a hashing algorithm to encrypt sensitive data.

Hash encryption is one-way encryption, that is, the encrypted string cannot get the original string. This approach is very limited and is generally used only for password verification or other areas where verification is required. Instead of decrypting the encrypted string, the input string is encrypted using the same method, compared to the encrypted string in the database. This makes it impossible to restore the original string even if the algorithm is known and an encrypted string is obtained. The bank card password is used in this way to encrypt.

MySQL provides 4 functions for hash encryption: PASSWORD, ENCRYPT, SHA1, and MD5. Let's try these 4 functions to see what the results will be. Let's take the example of encrypting string "Pa55word" as an illustration:

Let's take a look at the MD5 function first.

SELECT MD5 (' Pa55word ');

+----------------------------------+

| MD5 (' Pa55word ') |

+----------------------------------+

| A17a41337551d6542fd005e18b43afd4 |

+----------------------------------+

1 row in Set (0.13 sec)

Here is the password function

SELECT PASSWORD (' Pa55word ');

+----------------------+

| PASSWORD (' Pa55word ') |

+----------------------+

| 1d35c6556b8cab45 |

+----------------------+

1 row in Set (0.00 sec)

Here is the Encrypt function

SELECT ENCRYPT (' Pa55word ');

+---------------------+

| ENCRYPT (' Pa55word ') |

+---------------------+

| up2ecb0hdj25a |

+---------------------+

1 row in Set (0.17 sec)

Each of the above functions returns an encrypted string. To differentiate the case of an encrypted string, it is best to define the field as a char binary type when using encrypt to generate an encrypted string.

I would like to introduce you to the use of MD5 encryption, I am very fond of this encryption method, so that the plaintext password can be displayed in the processing list or query log, so as to facilitate tracking. The following INSERT statement uses a record inserted, where the password is encrypted using MD5:

INSERT into table1 (user, PW) VALUE (' User1 ', MD5 (' Password1 '))

You can use the following statements for password verification:

SELECT * FROM table1 WHERE user = ' user1 ' and pw = MD5 (' Password1 ')

There are many ways to encrypt the database, here is a simple introduction to this kind of, I will continue to introduce more database encryption technology, if you also have a good database encryption method, welcome to share with us.

Hash encryption in MySQL database

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.