Hash encryption in MySQL database

Source: Internet
Author: User

Introduction: MySQL databaseThere are many encryption methods. Different encryption methods correspond to different situations. The database encryption method described in this article ----Hash EncryptionIt provides better database protection for sensitive data stored in the database.

Hash Encryption

If the database stores sensitive data, such as bank card passwords and customer information, you may want to save the data in an encrypted form in the database. In this way, even if someone enters your database and sees the data, it is difficult to obtain the real information.

In the large amount of information in the application, you may only want to encrypt a small part, such as the user's password. These passwords should not be stored in plain text. They should be stored in the database in encrypted form. In general, most systems, including MySQL, use Hash algorithms to encrypt sensitive data.

Hash encryption is one-way encryption, that is, the encrypted string cannot obtain the original string. This method is very limited, generally only used in password verification or other places to verify. In comparison, the encrypted string is not decrypted, but the input string is encrypted in the same way, and then compared with the encrypted string in the database. In this way, even if the algorithm is known and the encrypted string is obtained, the original string cannot be restored. The bank card password is encrypted in this way.

MySQL provides four functions for hash encryption: PASSWORD, ENCRYPT, SHA1, and MD5. Next let's try these four functions to see what the results will be. The following uses the encrypted string "pa55word" as an example:

Let's take a look.MD5 Function

SELECT MD5 ('pa55word ');

+ ---------------------------------- +

| MD5 ('pa55word') |

+ ---------------------------------- +

| A17a41337551d6542fd005e18b43afd4 |

+ ---------------------------------- +

1 row in set (0.13 sec)

The following is the PASSWORD function.

Select password ('pa55word ');

+ ---------------------- +

| PASSWORD ('pa55word') |

+ ---------------------- +

| 1d35c6556b8cab45 |

+ ---------------------- +

1 row in set (0.00 sec)

The following is the ENCRYPT function.

Select encrypt ('pa55word ');

+ --------------------- +

| ENCRYPT ('pa55word') |

+ --------------------- +

| Up2Ecb0Hdj25A |

+ --------------------- +

1 row in set (0.17 sec)

Each of the above functions returns an encrypted string. To distinguish the case sensitivity of an encrypted string, it is best to define this field as a char binary type when using ENCRYPT to generate an encrypted string.

Next I will introduce how to use MD5 encryption. I like this encryption method very much. In this way, the plaintext password can be displayed in the processing list or in the query log for easy tracking. The following INSERT statement inserts a record, and the password uses MD5 for encryption:

Insert into table1 (user, pw) VALUE ('user1', MD5 ('password1 '))

You can use the following statement to verify the password:

SELECT * FROM table1 WHERE user = 'user1' AND pw = MD5 ('password1 ')

There are many ways to encrypt databases. Here we will briefly introduce this method. I will continue to introduce more database encryption technologies, if you have good database encryption methods, please share them with us.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.