Hash encryption in MySQL database

Database security is the most important link in the database, only to ensure the security of data in the database, to better play the function of the database, this article will introduce a good database encryption method, that is, hash encryption.

Introduction : MySQL database encryption method has many kinds, different encryption methods correspond to different situations, this article introduces the database encryption method---- Hash encryption , the database stored sensitive data has a good database protection.

Hash encryption

If your database holds sensitive data, such as bank card passwords, customer information, and so on, you may want to store this data in encrypted form in a database. So even if someone enters your database and sees the data, it's hard to get the real information.

In the vast amount of information in the application, perhaps you only want to make a small part of the encryption, such as the user's password. These passwords should not be stored in clear text, they should be stored in the database in an encrypted form. In general, most systems, including MySQL itself, use a hashing algorithm to encrypt sensitive data.

Hash encryption is one-way encryption, that is, the encrypted string cannot get the original string. This approach is very limited and is generally used only for password verification or other areas where verification is required. Instead of decrypting the encrypted string, the input string is encrypted using the same method, compared to the encrypted string in the database. This makes it impossible to restore the original string even if the algorithm is known and an encrypted string is obtained. The bank card password is used in this way to encrypt.

MySQL provides 4 functions for hash encryption: PASSWORD, ENCRYPT, SHA1, and MD5. Let's try these 4 functions to see what the results will be. Let's take the example of encrypting string "Pa55word" as an illustration:

Let's take a look at the MD5 function first.

SELECT MD5 (' Pa55word ');

+----------------------------------+

| MD5 (' Pa55word ') |

+----------------------------------+

| A17a41337551d6542fd005e18b43afd4 |

+----------------------------------+

1 row in Set (0.13 sec)

Here is the password function

SELECT PASSWORD (' Pa55word ');

+----------------------+

| PASSWORD (' Pa55word ') |

+----------------------+

| 1d35c6556b8cab45 |

+----------------------+

1 row in Set (0.00 sec)

Here is the Encrypt function

SELECT ENCRYPT (' Pa55word ');

+---------------------+

| ENCRYPT (' Pa55word ') |

+---------------------+

| up2ecb0hdj25a |

+---------------------+

1 row in Set (0.17 sec)

Each of the above functions returns an encrypted string. To differentiate the case of an encrypted string, it is best to define the field as a char binary type when using encrypt to generate an encrypted string.

I would like to introduce you to the use of MD5 encryption, I am very fond of this encryption method, so that the plaintext password can be displayed in the processing list or query log, so as to facilitate tracking. The following INSERT statement uses a record inserted, where the password is encrypted using MD5:

INSERT into table1 (user, PW) VALUE (' User1 ', MD5 (' Password1 '))

You can use the following statements for password verification:

SELECT * FROM table1 WHERE user = ' user1 ' and pw = MD5 (' Password1 ')

There are many ways to encrypt the database, here is a simple introduction to this kind of, I will continue to introduce more database encryption technology, if you also have a good database encryption method, welcome to share with us.

Hash encryption in MySQL database