Optimal Column Type and Length for Storing BCrypt Hashed Passwords
When storing BCrypt hashed passwords in a database, it's crucial to choose the appropriate column type and length to ensure reliable storage and security.
Column Type
The bcrypt hashing algorithm produces encoded hashes of a fixed length. Therefore, the optimal column type for storing these hashed passwords is CHAR(NN) BINARY, where 'NN' is the fixed length of the hashed password. This ensures that the hashed password is stored and compared byte for byte, preserving its integrity.
Length
The length of the column should accommodate the full length of the BCrypt hashed password. According to the modular crypt format for bcrypt, the encoded password contains a 53-character base-64-encoded value, preceded by the version identifier and the cost. This gives a total of 59 or 60 bytes, depending on the version (2a or 2y) used.
Does BCrypt Hashing Produce Fixed-Length Passwords?
Yes, BCrypt hashing uses a consistent algorithm that generates hashed passwords of the same length.
Specific Recommendations
For MySQL specifically, the recommended column type is CHAR(60) BINARY or BINARY(60). This ensures that the hashed password is stored as a fixed-length binary, maintaining its integrity and preventing potential security vulnerabilities.
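As an added example (not code from the original article), the following Python check splits a bcrypt string into its modular crypt format fields and confirms that it fits a 60-character column without truncation. The function and constant names are hypothetical, the sample values are constructed placeholders rather than real hashes, and the pattern also accepts the `$2$`, `$2b$` and `$2x$` prefixes, which go beyond the versions the article names.

```python
import re
from typing import NamedTuple, Optional

# Modular crypt format: $<version>$<2-digit cost>$<22-char salt><31-char hash>
# Salt and hash use bcrypt's own base-64 alphabet (./A-Za-z0-9): 53 chars total.
BCRYPT_MCF = re.compile(
    r"\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})"
)
COLUMN_LENGTH = 60  # CHAR(60) BINARY / BINARY(60), as recommended above


class BcryptFields(NamedTuple):
    version: str
    cost: int
    salt: str
    digest: str


def parse_bcrypt(encoded: str) -> Optional[BcryptFields]:
    """Return the fields of a bcrypt string, or None if it is malformed."""
    m = BCRYPT_MCF.fullmatch(encoded)
    if m is None:
        return None
    cost = int(m.group(2))
    if not 4 <= cost <= 31:  # bcrypt accepts cost factors 4 through 31
        return None
    return BcryptFields(m.group(1), cost, m.group(3), m.group(4))


def storable(encoded: str, column_length: int = COLUMN_LENGTH) -> bool:
    """True only if the value is well-formed and fits the column untruncated."""
    return parse_bcrypt(encoded) is not None and len(encoded) <= column_length


def audit(values):
    """Return the stored values that are not complete bcrypt strings."""
    return [v for v in values if not storable(v)]


# Constructed sample values (not real hashes): filler salt and hash characters.
SAMPLE_2A = "$2a$12$" + "N" * 22 + "k" * 31
SAMPLE_2Y = "$2y$10$" + "./" * 11 + "Z" * 31
TRUNCATED = SAMPLE_2A[:50]  # what a 50-character column would keep

if __name__ == "__main__":
    for value in (SAMPLE_2A, SAMPLE_2Y, TRUNCATED):
        print(len(value), storable(value), parse_bcrypt(value))
```

Running `audit` over the values already in a password column flags rows that were cut short by an undersized column, which can never verify against the original password.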