16 C
Texas
angeloma
Senior Writer and partner

Password hashing on Mysql / MariaDB

Data security is essential to maintain system stability. Many system administrators know the importance of passwords in computer systems. Therefore, today I will tell you about the password hashing in MySQL and MariaDB.

MySQL and MariaDB are two popular database managers among application developers. Above all, because they are free, open source and because they are very but very robust and reliable. All this is added to the fact that they are well documented and have the support of the community.

Mysql
Mysql

Being two database managers, with clear objectives and good security measures, we find methods and ways to encrypt passwords or any string. that we need to protect even more.

What is Password Hashing?

- Advertisement -

First of all, you need to know what password hashing is. Password hashing is a way of encrypting a string so that not even the administrator of the system can know its value. It is especially useful for passwords.

This process is very important, but it is quite simple, they are simply functions that allow you to do it.

Some functions to do Password Hashing

MySQL and MariaDB have several functions that help us do a proper and hassle-free hashing. However, each of them behaves differently. Let’s see.

AES_ENCRYPT FUNCTION

Allow encryption of data using the official AES (Advanced Encryption Standard) algorithm. It is very secure. Encoding with a 128-bit key length is used, but you can extend it up to 256 bits by modifying the source. However, 128-bit length is enough for many cases.

This function requires two parameters, the first is the String and the second is key_str.

For example:

INSERT INTO table_name VALUES (AES_ENCRYPT('example',SHA2('password',512)));

This is the output.

MD5 FUNCTION

This function calculates an MD5 128-bit checksum for the string.

The value is returned as a string of 32 hexadecimal digits, or NULL if the argument was NULL.

SELECT MD5 ('EXAMPLE);

Using MD5 function
Using MD5 function

As you can see, the function calculates a value for the phrase or string and is useful for encrypting certain data.

PASSWORD FUNCTION

This is the most used function in MySQL or MariaDB to encrypt Strings. It’s really simple and we could almost say that it’s used by default, although obviously, it’s not. However, the PASSWORD() function is used for hashing passwords for use in authentication by the MariaDB server.

The return value is 41-bytes in length, and the first character is always ‘*’.

SELECT PASSWORD ('password');

PASSWORD FUNCTION
PASSWORD FUNCTION

SHA2 FUNCTION

Calculates the SHA-2 family of hash functions (SHA-224, SHA-256, SHA-384, and SHA-512). This function requires two arguments, firstly, the text to be encrypted and secondly the length of the hash (224, 256, 384, 512).

The SHA2 function works only if MySQL has been configured with SSL support.

SELECT SHA2('Angelo',224);
SELECT SHA2('Angelo',256);
SELECT SHA2('Angelo',384);
SELECT SHA2('Angelo',512);

3.- Using SHA2 function
3.- Using SHA2 function

4.- Other example using SHA2 function
4.- Other example using the SHA2 function

This is the function more secure. It is recommended for production servers.

Conclusion

As you can see it’s easy to protect passwords even more. All that’s left is for you to use these tools properly.

If you don know how to install MySQL or MariaDB, you can read this article.

Please share this article on your social networks.

 

- Advertisement -
Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"

LEAVE A REPLY

Please enter your comment!
Please enter your name here



Latest article