

Adding unique salt to already hashed passwords in mysql

I am trying to add unique salt to the hashed passwords in a MySQL database. What is the most legitimate way of doing this? I am aware that I need to hash them again to add a salt. These passwords are used for the website login. I can add one particular salt to each password before the code (written in C#) sends the user info to the database. In such a case, the login will work if I salt the passwords in MySQL with the same salt. I know that it is not the most secure way. How do I implement the same with unique salts for each?

As the comments above state, you cannot reverse a hash, so you can't get the original password back to apply salt. You could apply salt to the hash string and hash again, but then you'd be stuck with that weird double-hash authentication method forever. Be sure to comment your code to explain why it is implemented this way, because programmers who take over your code when you leave will be confused.

I'll tell you how I did it when I was working on an app that needed to update its password-storage code from using MD5() to using salt + SHA1().

  1. Leave the old hashed passwords alone.

  2. Add a new column to the table storing your passwords for the new format of password. Call it password2 or something like that. This column is NULL by default.

  3. Change the code to check the new column. If it is not NULL, then authenticate the user's input using the new hash method against what is stored in the database.

  4. If the new column is NULL, then check against the old password using the old authentication method. I.e., hash the user's input and check that hash against what is stored in the database. Once you know the input is correct, hash the input again using the new method (add salt and hash the input, or better yet, use Bcrypt or Argon2, which contain their own salt in the hash result) and store that result in the new column.

  5. Also set the old column to NULL after the new hash format is stored in the new column.

  6. Of course the password-change code and new account creation code will also need to be changed. It should ignore the old password column, leaving it NULL, and only store passwords in the new format in the new column.

  7. Once all users have logged in at least once, the old password column should be NULL on all rows. You can remove the application code that supported the old password hash format, and then drop the old password column.

    But there will almost surely be some stragglers who don't log in regularly, so after a few weeks of waiting, I would just proceed to drop the old password. Those users who haven't logged in recently will be forced to do a password reset.

The advantage to this method is that it works totally seamlessly for nearly all your users, and inconveniences only a few (and some of those users may never return anyway).

The disadvantage is that it takes a few weeks to wait for everyone to log in once. If you need the change to occur immediately, then you may have to force all the users to do password reset.
