本文介绍了如何使用C#将散列存储在SQL Server数据库中?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试创建一个具有登录/注销功能的网站,并且我计划适当地对密码进行哈希处理和添加盐分.但是,我面临的问题是如何将密码存储在数据库中.我知道我需要将散列+加盐的密码存储在数据库中(而不是纯文本格式或纯加密格式),但是我不知道如何从技术上解决将二进制数据插入数据库的问题.

I'm trying to make a website with a log on / log off feature and I plan on properly hashing and salting the password. The problem I'm facing, however, is how I'd go about storing the password in the database. I know that I need to store the hashed + salted password in the database (not in plain text or plain encrypted), but I don't know how to technically get around inserting the binary data into the database.

在我的早期尝试中,我可以在数据库中获取数据的唯一方法是将二进制数据转换为base64字符串并插入到varchar密码字段中,但是有些事情告诉我这是不正确的的方法.

In my early attempts, the only way I could get the data in the database would be to have the binary data converted to a base64 string and inserted into the varchar password field, but something is telling me that's not the correct way to do it.

数据库中的密码字段当前为varchar,但据我了解,哈希密码是二进制的.因此,即使我将密码字段更改为二进制对象,我仍然不知道如何实际插入它!

The password field in the database is currently a varchar but as I understand it, a hashed password is binary. So even if I changed the password field to a binary object, I still don't know how to actually insert it!

如果我没有任何意义,请澄清,我会尽快与您联系.

If I'm not making any sense please ask for clarification and I'll get back to you.

推荐答案

否,哈希密码不必存储在varbinary字段中,您可以对其进行编码并将其存储在varchar字段中. Base64是编码任何类型字符的不错选择.

No, a hashed password doesnt have to be stored in a varbinary field, you can encode it and store it in a varchar field. Base64 is a good alternative for encoding any kind of characters.

这篇关于如何使用C#将散列存储在SQL Server数据库中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-05 05:59