由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
Database版 - SQL Server 2005: How to hash a column?
相关主题
SQL server stored procedure 求助SQL Server 2005 Exec( )
encryptionSQL 2008 64bit performance issue
Database encryption 一问rsArray 为啥写不全? (转载)
Database Encryption能提供几个看似简单 实际不容易的关于数据库 SQL的问题么 (转载)
Stored Procedure的Is和As有什么区别,还有 ······a simple question about T-SQL
如何决定indexProblem when using SQL " Insert...." to AutoNumber.
Common Table Expression 问题pjones, do you know how to setup a encrypted multiprotocol in MSSQL?
Interview question about Microsoft Access and SQL. please helpRe: pjones, do you know how to setup a encrypted multiprotocol in MSSQ
相关话题的讨论汇总
话题: server话题: sql话题: hash话题: key话题: user
进入Database版参与讨论
1 (共1页)
y********o
发帖数: 2565
1
I have a users table in SQL Server 2005. It has the following fields:
userid (the primary key)
user_first_name nvarchar(20)
user_last_name nvarchar(20)
user_password varbinary(50)
I don't wanna store user_password as plain text. How do I encrypt or hash it
when I insert a record? I know in MySQL, we can do something like
INSERT INTO USERS VALUE ('johndoe', 'John', 'Doe', password('sikulito'));
Thanks.
y********o
发帖数: 2565
2

it
OK, I got it. We can use the HashBytes function and say
INSERT INTO USERS
VALUE ('johndoe', 'John', 'Doe', HashBytes('MD5', 'sikulito'));

【在 y********o 的大作中提到】
: I have a users table in SQL Server 2005. It has the following fields:
: userid (the primary key)
: user_first_name nvarchar(20)
: user_last_name nvarchar(20)
: user_password varbinary(50)
: I don't wanna store user_password as plain text. How do I encrypt or hash it
: when I insert a record? I know in MySQL, we can do something like
: INSERT INTO USERS VALUE ('johndoe', 'John', 'Doe', password('sikulito'));
: Thanks.

y********o
发帖数: 2565
3
Yes, thx. I read something about that, too. It is more complicated than ha
shing and it seems that passwords are better hashed than encrypted.
y********o
发帖数: 2565
4
Oh, is that right? I thought that 1-way hash isn't reversible. Good to know.
y********o
发帖数: 2565
5
Guess what, I googled out one site:
http://md5.benramsey.com/
It did successfully reverse the hash of 'abc123'. But not any of my real pa
sswords, :-)
It looks like the hash reversal engine above has a small dictionary of hashe
d entries. If you just use your name initials plus your birth date as your
password, it won't be able to reverse it.

that
"
for
y********o
发帖数: 2565
6
Is it public key encryption?

that they simply use dictionary lookup (or maybe a very little guessing work
). Consider this, if somebody gets your data, he can run the Brute-force
attack freely on his comput
result is verifiable; for certificate/key encryption, you cannot guess
because there is no way to verify if your guess is correct or not.
y********o
发帖数: 2565
7
Yes, I understand public-key encryption. I was asking if the type of encryp
tion you were talking about in SQL Server is asymmetric.

encryption.
connected to private key, i.e. you encrypt the data using the public key,
then to decrypt it, you must use the corresponding private key. As you have
said, HASH is one-way, no d
y********o
发帖数: 2565
8
gotcha, thx.
1 (共1页)
进入Database版参与讨论
相关主题
Re: pjones, do you know how to setup a encrypted multiprotocol in MSSQStored Procedure的Is和As有什么区别,还有 ······
where is password file for mysql如何决定index
Help on Sql server huge table performanceCommon Table Expression 问题
MS T-SQL 问题Interview question about Microsoft Access and SQL. please help
SQL server stored procedure 求助SQL Server 2005 Exec( )
encryptionSQL 2008 64bit performance issue
Database encryption 一问rsArray 为啥写不全? (转载)
Database Encryption能提供几个看似简单 实际不容易的关于数据库 SQL的问题么 (转载)
相关话题的讨论汇总
话题: server话题: sql话题: hash话题: key话题: user