I'm setting up my database to receive hashed passwords and not accept plain text.

Would I go something like this?

create table User(
username varchar(20) not null,
password varchar(64) not null
);
A: 

Yup :o) ( this is just padding to fill minimum character requirements)

Chief17
+10  A: 

Yes, a SHA256 is always 256 bits long, equivalent to 32 bytes, or 64 bytes in a hexadecimal string format. You can even use char(64) instead of varchar(64) since the size won't change.

Julien Lebosquain
Or even just store it as a binary(32)...
codekaizen
Thank you for the quick response. :)
Sergio Tapia
A: 

You will need to consider nvarchar, or whatever the Unicode equivalent is for your database, if you encode your hash output in Unicode instead of hexadecimal.

Jordan
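
The two storage formats discussed in the answers above, char(64) hex and binary(32), side by side as an added example that is not part of the original thread. It uses SQLite through Python so it runs offline; the `users` table, its column names and the CHECK constraints are assumptions made for illustration.

```python
import hashlib
import sqlite3

# Assumed schema for this example (not from the question). Both formats are
# kept in one table only to compare them. SQLite does not enforce CHAR(64)
# on its own, so the CHECK constraints carry the length and format rules.
SCHEMA = """
CREATE TABLE users (
    username      VARCHAR(20) NOT NULL PRIMARY KEY,
    password_hex  CHAR(64)    NOT NULL
        CHECK (length(password_hex) = 64
               AND password_hex NOT GLOB '*[^0-9a-f]*'),
    password_bin  BLOB        NOT NULL
        CHECK (typeof(password_bin) = 'blob' AND length(password_bin) = 32)
);
"""

def sha256_forms(password: str):
    """Return the SHA-256 digest as (64-char hex string, 32 raw bytes)."""
    digest = hashlib.sha256(password.encode("utf-8"))
    return digest.hexdigest(), digest.digest()

def open_db():
    """Create an in-memory database with the example schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def try_insert(conn, username, hex_value, bin_value):
    """Insert a row; return True if accepted, False if a constraint rejected it."""
    try:
        with conn:
            conn.execute("INSERT INTO users VALUES (?, ?, ?)",
                         (username, hex_value, bin_value))
        return True
    except sqlite3.IntegrityError:
        return False

if __name__ == "__main__":
    conn = open_db()
    # Constructed sample input.
    hex_value, bin_value = sha256_forms("constructed-sample-password")
    print(len(hex_value), len(bin_value))
    print(try_insert(conn, "alice", hex_value, bin_value))   # well-formed digest
    print(try_insert(conn, "bob", "hunter2", bin_value))     # plain text in hex column
```

The constraints only check the shape of the value; they cannot tell a real digest from any other 64 hex characters, so hashing still has to happen in the application before the insert.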