What's your chosen method/datatype for storing passwords inside a database (ideally SQL Server 2005). The way in which I've been doing the work in a number of in our programs would be to first make use of the .Internet file encryption libraries after which store them within the database as binary(16). Is the most well-liked method or must i be utilising another datatype or allocating more room than 16?

I keep salted hash same as the password within the database rather than the password itself, then always compare the hash towards the produced among exactly what the user passed in.

It's too harmful to ever keep literal password data anywhere. This will make recovery impossible, however when someone does not remember or manages to lose your password you are able to tell you some inspections and make up a new password.

The most well-liked method: never store passwords inside your DB. Only hashes thereof. Add salt to taste.

I actually do exactly the same factor you've referred to, except it's saved like a String. I Base64 scribe the encoded binary value. The quantity of space to allocate is dependent around the file encryption formula/cipher strength.

I believe you do it right (given that you employ a Salt).

Since the effect of a hash function is a number of byte within the range to 255 (or -128 to 127, depending the signed-ness of the 8-bit data type), storing it as being a raw binary area helps make the most sense, because it is probably the most compact representation as well as no additional encoding and decoding steps.

Some databases or motorists do not have great support for binary data types, or sometimes designers just aren't familiar enough together to feel at ease. For the reason that situation, utilizing a binary-to-text encoding like Base-64 or Base-85, and storing the resulting text inside a character area is acceptable.

How big the area necessary is dependent upon the hash function that you employ. MD5 always results 16 bytes, SHA-1 always results 20 bytes. When you choose a hash function, you're usually tied to it, as altering takes a totally reset of existing passwords. So, utilizing a variable-size area does not buy you anything.


Concerning the "best" method to perform the hashing, I have attempted to supply many solutions with other SO questions about that subject:

  1. keep hash from the salted-password, for example bcrypt(nounce+pwd). You might prefer bcrypt over SHA1 or MD5 because it may be updated to become CPU-intensive, therefore creating a brute pressure attack way longer.
  2. give a captcha towards the login form following a couple of login errors (to prevent brute-pressure attacks)
  3. in case your application includes a "didn't remember my password" link, make certain it doesn't send the brand new password by email, but rather it will send a hyperlink to some (guaranteed) page permitting the consumer to define a brand new password (possibly only after confirmation of some private information, like the user's date of birth, for instance). Also, in case your application enables the consumer to define a brand new password, make certain you need the consumer to verify the present password.
  4. and clearly, secure the login form (typically with HTTPS) and also the servers themselves

With one of these measures, your user's passwords is going to be fairly properly protected against:

  1. => offline dictionary attacks
  2. => live dictionary attacks
  3. => denial and services information attacks
  4. => a variety of attacks!