Hello guys,
I need to store sensitive data (usernames and passwords) and wanted to do things the right way (storing SHA-256 hashes of (password).(large random number) instead of cleartext passwords. This needs to be done using MySQL and, as far as i know, only MySQL 6 plans to incorporate SHA-2, hence i assume some kind of external application needs to be setup; I would like to make a stored procedure that would calculate the hash of the password (concatenated with the nonce) and store it.
In your opinion, what would be the best way to implement this? I've read a few post here on Stackoverflow and i'm currently heading towards Perl.
Cheers, Hal
PS: OS -> Windows Server 2008
EDIT: damn editor, won't show the correct text. Fixed.
EDIT2: I am not trying to make my own version of SHA2, although it would certainly be fun; i need to use it on a stored procedure in order to hash the original password and I'm just not sure what external module/application/library I should use.