What algorithm should I use to hash passwords into my database? [duplicate]

This 2008 answer is now dangerously out of date. SHA (all variants) is now trivially breakable, and best practice is now (as of Jan 2013) to use a key-stretching hash (like PBKDF2) or ideally a RAM intensive one (like Bcrypt) and to add a per-user salt too.

Points 2, 3 and 4 are still worth paying attention to.

See the IT Security SE site for more.


Original 2008 answer:

  1. Use a proven algorithm. SHA-256 uses 64 characters in the database, but with an index on the column that isn’t a problem, and it is a proven hash and more reliable than MD5 and SHA-1. It’s also implemented in most languages as part of the standard security suite. However don’t feel bad if you use SHA-1.

  2. Don’t just hash the password, but put other information in it as well. You often use the hash of “username:password:salt” or similar, rather than just the password, but if you play with this then you make it even harder to run a dictionary attack.

  3. Security is a tough field, do not think you can invent your own algorithms and protocols.

  4. Don’t write logs like “[AddUser] Hash of GeorgeBush:Rep4Lyfe:ASOIJNTY is xyz”

Leave a Comment

tech