简体繁体 English

Java销售点系统的多阶段密码加密

[英]Multiple stage password encryption for Java point of sale system

原文 2015-10-11 05:15:05 3 1 java/ security/ encryption/ message-digest

I started using MD5 for password encryption but I realized that once the database has been compromised, passwords can be easily decrypted using a dozen different tools. 我开始使用MD5进行密码加密，但是我意识到一旦数据库遭到破坏，便可以使用多种工具轻松解密密码。

I was wondering if it would be practical to make a password encryption implementation that would have different stages. 我想知道，进行具有不同阶段的密码加密实施是否可行。

For example I enter a password like "123" then it gets converted like this: MD5 then passed on SHA encryption then another MessageDigest. 例如，我输入密码“ 123”，然后将其转换为：MD5，然后传递SHA加密，然后传递另一个MessageDigest。 So on and so on. 依此类推。 WOuld this increase the security of the passwords from being decrypted? 这样会增加密码解密的安全性吗？ This is for the security guys out there. 这是给在那里的安全人员的。

1 个解决方案

First, MD5 is not recommended for password hashing since it is no longer considered as safe. 首先，不建议将MD5用于密码哈希，因为它不再被认为是安全的。 Try to use SHA-512 and use a salt to increase security. 尝试使用SHA-512并加盐以提高安全性。 A salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase. 盐是随机数据，用作哈希密码或密码短语的单向函数的附加输入。 When you use SHA-512 without salt, you always will have the same output for the same input. 当您在不加盐的情况下使用SHA-512时，相同的输入始终会具有相同的输出。