Question: How to determine the appropriate data type and length for hashed passwords?
When implementing password hashing, it's crucial to choose a suitable data type and length for storing the hashed values. Typically, hash functions generate a result of a fixed length, but the length and representation vary based on the specific algorithm.
Answer: The selection of data type and length depends on the hashing algorithm employed:
Recommendation:
NIST suggests using SHA-256 or higher hash functions for interoperability applications. However, utilizing these hash functions solely is insufficient for secure password storage.
Therefore, it's recommended to employ key-strengthening hash algorithms like Bcrypt or Argon2i. For instance, PHP's password_hash() function uses Bcrypt by default, generating a 60-character hash. To accommodate this, consider using a CHAR(60) data type for storage.
The above is the detailed content of What Data Type and Length Should I Use for Storing Hashed Passwords?. For more information, please follow other related articles on the PHP Chinese website!