开发者

Which hash function is currently a good choice for passwords?

Some hash functions are today not as saf开发者_如何学运维e as they were some years ago. Which hash function would currently be a good choice for hashing passwords?

Thanks in advance.


Well, sha-2 is technically more secure, but no collisions have been found for sha-1 yet.

If you're trying to defend against rainbow tables or something, I would go with sha-2, since it has not seen wide use (yet).

SHA hash functions (Wikipedia)


The official answer is the one that produces the largest hash (like SHA-512). However, in practice, you usually have to make a tradeoff between that and storage concerns and processing time to calculate the hash.

Here's a list of hash functions, along with data about their size and more:
http://en.wikipedia.org/wiki/Cryptographic_hash_function#Cryptographic_hash_algorithms


A keyed hash such as SHA256 HMAC would be a good option to prevent brute force attacks if your data store is compromised.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜