久久久久久久av_日韩在线中文_看一级毛片视频_日本精品二区_成人深夜福利视频_武道仙尊动漫在线观看

        <tfoot id='WKGfW'></tfoot>

        <small id='WKGfW'></small><noframes id='WKGfW'>

      1. <i id='WKGfW'><tr id='WKGfW'><dt id='WKGfW'><q id='WKGfW'><span id='WKGfW'><b id='WKGfW'><form id='WKGfW'><ins id='WKGfW'></ins><ul id='WKGfW'></ul><sub id='WKGfW'></sub></form><legend id='WKGfW'></legend><bdo id='WKGfW'><pre id='WKGfW'><center id='WKGfW'></center></pre></bdo></b><th id='WKGfW'></th></span></q></dt></tr></i><div class="qwawimqqmiuu" id='WKGfW'><tfoot id='WKGfW'></tfoot><dl id='WKGfW'><fieldset id='WKGfW'></fieldset></dl></div>
        <legend id='WKGfW'><style id='WKGfW'><dir id='WKGfW'><q id='WKGfW'></q></dir></style></legend>
        • <bdo id='WKGfW'></bdo><ul id='WKGfW'></ul>
      2. 我的密碼鹽應(yīng)該多長(zhǎng)時(shí)間,SHA-256 是否足夠好?

        How long should my password salt be, and is SHA-256 good enough?(我的密碼鹽應(yīng)該多長(zhǎng)時(shí)間,SHA-256 是否足夠好?)
          <tbody id='65KlX'></tbody>

            <small id='65KlX'></small><noframes id='65KlX'>

              <i id='65KlX'><tr id='65KlX'><dt id='65KlX'><q id='65KlX'><span id='65KlX'><b id='65KlX'><form id='65KlX'><ins id='65KlX'></ins><ul id='65KlX'></ul><sub id='65KlX'></sub></form><legend id='65KlX'></legend><bdo id='65KlX'><pre id='65KlX'><center id='65KlX'></center></pre></bdo></b><th id='65KlX'></th></span></q></dt></tr></i><div class="qwawimqqmiuu" id='65KlX'><tfoot id='65KlX'></tfoot><dl id='65KlX'><fieldset id='65KlX'></fieldset></dl></div>
              1. <tfoot id='65KlX'></tfoot>
                <legend id='65KlX'><style id='65KlX'><dir id='65KlX'><q id='65KlX'></q></dir></style></legend>

                  <bdo id='65KlX'></bdo><ul id='65KlX'></ul>

                  本文介紹了我的密碼鹽應(yīng)該多長(zhǎng)時(shí)間,SHA-256 是否足夠好?的處理方法,對(duì)大家解決問(wèn)題具有一定的參考價(jià)值,需要的朋友們下面隨著小編來(lái)一起學(xué)習(xí)吧!

                  問(wèn)題描述

                  我正在創(chuàng)建一個(gè)游戲社區(qū)網(wǎng)站,我打算盡快向公眾發(fā)布.目前,我正在處理密碼和登錄信息.我之前只使用過(guò) MD5,但我已經(jīng)閱讀了有關(guān)密碼安全的文章,并聽(tīng)說(shuō)目前可以使用 salting.

                  I'm in the process of creating a gaming community site that I'm aiming to release to the public soon. Currently, I'm working on passwords and logins. I've only used MD5 before, but I've read about password safety and heard that salting is currently the way to go.

                  這是我的計(jì)劃:每個(gè)用戶都有自己獨(dú)特的 12 個(gè)隨機(jī)字符(#/¤& 等),存儲(chǔ)在 users 表中.鹽在注冊(cè)時(shí)與密碼一起散列(使用 SHA-256),并在登錄時(shí)重新散列.

                  Here's my plan: Every user has their own unique salt of 12 random characters (#/¤& etc), stored in the users table. The salt is hashed (using SHA-256) along with the password on registration, and re-hashed on login.

                  這聽(tīng)起來(lái)如何?我有什么可以改進(jìn)的嗎?我應(yīng)該選擇 SHA-512 和更長(zhǎng)的鹽,還是這樣就足夠了?

                  How does this sound to you? Anything I can improve? Should I go for SHA-512 and a longer salt, or is this enough?

                  推薦答案

                  您建議的 12 個(gè)字節(jié)應(yīng)該是鹽的足夠長(zhǎng)度.這需要字典攻擊來(lái)準(zhǔn)備 296 個(gè)散列密碼數(shù)據(jù)庫(kù).總有一天,這對(duì)破解者來(lái)說(shuō)可能是一項(xiàng)微不足道的操作,但我們離實(shí)現(xiàn)這一目標(biāo)還有很長(zhǎng)的路要走.

                  Your suggestion of 12 bytes should be an adequate length for a salt. That would require a dictionary attack to prepare 296 databases of hashed passwords. Someday this might be a trivial operation for a cracker, but we're still a ways off from that.

                  NIST 推薦 SHA256,因?yàn)樗哂凶銐虻拿艽a散列強(qiáng)度,至少目前是這樣.

                  SHA256 is recommended by NIST as having adequate hashing strength for passwords, at least for now.

                  如果您想探索更強(qiáng)大的密碼安全方法,請(qǐng)研究密鑰強(qiáng)化技術(shù),例如 PBKDF2,或使用 Bcrypt 進(jìn)行自適應(yīng)散列.但是這些在 SQL 中沒(méi)有直接支持.您必須在應(yīng)用程序代碼中進(jìn)行散列,然后將散列摘要發(fā)布到您的數(shù)據(jù)庫(kù)中.

                  If you want to explore even stronger methods of password security, look into key-strengthening techniques like PBKDF2, or adaptive hashing with Bcrypt. But these have no direct support in SQL. You'd have to do the hashing in application code and then post the hash digest to your database.

                  對(duì)于游戲網(wǎng)站來(lái)說(shuō),這似乎是一種過(guò)度的安全措施,但這樣做是一種很好的做法.因?yàn)樵S多用戶(不明智地)使用相同的密碼登錄游戲和登錄銀行!您不想為間接導(dǎo)致重大損失的身份驗(yàn)證違規(guī)行為負(fù)責(zé).

                  It may seem like security overkill for a gaming site, but it's a good practice to do it. Because many users (inadvisably) use the same password for their gaming login as they do for their banking login! You don't want to be responsible for an authentication breach that leads indirectly to major losses.

                  這篇關(guān)于我的密碼鹽應(yīng)該多長(zhǎng)時(shí)間,SHA-256 是否足夠好?的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,也希望大家多多支持html5模板網(wǎng)!

                  【網(wǎng)站聲明】本站部分內(nèi)容來(lái)源于互聯(lián)網(wǎng),旨在幫助大家更快的解決問(wèn)題,如果有圖片或者內(nèi)容侵犯了您的權(quán)益,請(qǐng)聯(lián)系我們刪除處理,感謝您的支持!

                  相關(guān)文檔推薦

                  Deadlock exception code for PHP, MySQL PDOException?(PHP、MySQL PDOException 的死鎖異常代碼?)
                  PHP PDO MySQL scrollable cursor doesn#39;t work(PHP PDO MySQL 可滾動(dòng)游標(biāo)不起作用)
                  PHP PDO ODBC connection(PHP PDO ODBC 連接)
                  Using PDO::FETCH_CLASS with Magic Methods(使用 PDO::FETCH_CLASS 和魔術(shù)方法)
                  php pdo get only one value from mysql; value that equals to variable(php pdo 只從 mysql 獲取一個(gè)值;等于變量的值)
                  MSSQL PDO could not find driver(MSSQL PDO 找不到驅(qū)動(dòng)程序)

                  1. <small id='ng8zG'></small><noframes id='ng8zG'>

                        <tbody id='ng8zG'></tbody>
                      <tfoot id='ng8zG'></tfoot>
                        <bdo id='ng8zG'></bdo><ul id='ng8zG'></ul>

                        <legend id='ng8zG'><style id='ng8zG'><dir id='ng8zG'><q id='ng8zG'></q></dir></style></legend>

                          1. <i id='ng8zG'><tr id='ng8zG'><dt id='ng8zG'><q id='ng8zG'><span id='ng8zG'><b id='ng8zG'><form id='ng8zG'><ins id='ng8zG'></ins><ul id='ng8zG'></ul><sub id='ng8zG'></sub></form><legend id='ng8zG'></legend><bdo id='ng8zG'><pre id='ng8zG'><center id='ng8zG'></center></pre></bdo></b><th id='ng8zG'></th></span></q></dt></tr></i><div class="qwawimqqmiuu" id='ng8zG'><tfoot id='ng8zG'></tfoot><dl id='ng8zG'><fieldset id='ng8zG'></fieldset></dl></div>
                            主站蜘蛛池模板: 亚洲精品国产成人 | 日本三级网站在线观看 | 精品欧美乱码久久久久久1区2区 | 亚洲一区精品在线 | 欧美视频一区二区三区 | 国产精彩视频在线观看 | 日韩欧美在线视频播放 | 亚洲精品中文在线 | 欧美激情第一区 | 欧美一区精品 | 免费亚洲一区二区 | 国产精品视频一区二区三区四蜜臂 | 狠狠综合网 | 久久久久久黄 | 毛片免费观看 | 欧美成人一区二区 | 一级一级一级毛片 | 一级大片 | 国产精品1区2区3区 中文字幕一区二区三区四区 | 成人综合视频在线观看 | 日韩av在线免费 | 三级成人在线观看 | 亚洲综合成人网 | www.成人.com | 亚洲欧美精品在线 | 久久久久免费精品国产 | 国产欧美日韩视频 | 精久久| 久久国产区 | 日韩欧美在线一区二区 | 欧美一区二区在线观看 | 久草免费福利 | 精品视频网 | 九九伊人sl水蜜桃色推荐 | 欧美一级二级视频 | 亚洲成人免费av | 亚洲精品久久久久久宅男 | 成人av免费| 国产女人精品视频 | 国产一区二区三区在线 | 国产高清自拍视频在线观看 |