开发者

SQL Server 2008 Column Size

I am using RijndaelManaged 128 bit encryption to encrypt passwords in my ASP.NET application. What should the pa开发者_运维技巧ssword column size be in the database (SQL Server 2008).


Microsoft uses nvarchar(128) for their SqlMembershipProvider which provides for Rijndael symmetrical encryption and a maximum password size of 128, so I would say that's a safe bet. Obviously, if you allow for longer passwords, you'll need more space.


I didn't use RijndaelManaged but basicly encrypting passwords considered bad security practice. Instead it's better to keep their hashes. So the column size depends on the maximum password length and how your hash function works. If it produces unicode characters you need nvarchar column, if latin only - varchar will save half of the space in the storage.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜