http://www.php.net/manual/en/faq.passwords.php#faq.passwords.fasthash
我将用户密码以散列形式存储在 MySQL 数据库中。这是否意味着这样做是不安全的?如果是,我的替代方案是什么?
最佳答案
您链接到的常见问题解答中的下一个问题讨论了它:How should I hash my passwords, if the common hash functions are not suitable?
来自常见问题解答:
The suggested algorithm to use when hashing passwords is Blowfish, as it is significantly more computationally expensive than MD5 or SHA1, while still being scalable.
接下来的问题是关于盐的。
关于PHP.net 说 md5() 和 sha1() 不适合作为密码?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/8110196/