3

Using PHP crypt() method I have a PHP script to store users encrypted passwords in MySQL database. What field type should I use to store the encrypted data?

Improve this question
1
  • Text is fit for the encrypted storage on mysql Commented May 2, 2014 at 19:56

3 Answers 3

Reset to default
5

varchar(of sufficient length)

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

Hi wallyk, thanks for reply but I saw a video on Youtube mentioned we can select MD5 data type for md5(). isn't any qual for crypt() type?
Please, no, DO NOT use MD5.
@tadman , I am not going to use MD5 just curious if there is any associated type for crypt()?
@MonaCoder: I don't see any MD5 data type in the documentation. Where is it?
@MonaCoder Be very careful with tutorials that describe how to make a login system. Most are incomplete and/or hazardous to use in a production environment. If you're not using a development framework that comes with a built-in authentication system, like Laravel does, then be sure to observe all the best practices when it comes to security. A "hex digest" of a hash can be stored in any string-like field (e.g. VARCHAR).
|
1

Use 'varchar'

In additon to wallyk's answer,
Exact lengths of encrytpted strings using crypt() are;

Standard DES: stqAdD7zlbByI
Extended DES: _S4..someQXidlBpTUu6
MD5: $1$somethin$4NZKrUlY6r7K7.rdEOZ0w.
Blowfish: $2a$09$anexamplestringforsaleLouKejcjRlExmf1671qw3Khl49R3dfu
SHA-256: $5$rounds=5000$anexamplestringf$KIrctqsxo2wrPg5Ag/hs4jTi4PmoNKQUGWFXlVy9vu9
SHA-512: $6$rounds=5000$anexamplestringf$Oo0skOAdUFXkQxJpwzO05wgRHG0dhuaPBaOU/
         oNbGpCEKlf/7oVM5wn6AN0w2vwUgA0O24oLzGQpp1XKI6LLQ0.
Improve this answer

8 Comments

Please do not link to w3schools. It causes a ton of damage.
w3schools causes damage? new here so please explain
It's full of dangerously inaccurate information and encourages recklessly bad habits. The link I posted explains more. Thanks for updating your answer.
will read later, thanks for making me aware, original answer edited.
If you're using md5 for "recent projects", you're doing it wrong
|
0

It depends on what type of encryption you are using but varbinary is appropriate in some situations.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.