[英]Store different passwords in android
I am developing an android app that requires multiple default passwords to be stored. 我正在开发一个Android应用程序,需要存储多个默认密码。
Based on the password entered, the user will be shown different forms to be filled. 根据输入的密码,将向用户显示要填写的不同表格。
What is the best solution to store the default passwords if the number of default passwords are more say 10 to 20? 如果默认密码的数量多于10到20,那么存储默认密码的最佳解决方案是什么?
I see two possibilities: 我看到两种可能性:
I would prefer the first possibility. 我更喜欢第一种可能性。 Also, I would not use common MD5 as hashing algorithm, but at least SHA-512 or, even better, bcrypt. 另外,我不会使用普通的MD5作为散列算法,但至少使用SHA-512或更好的bcrypt。 Here is a good thread explaining why and how to do that on Android: Stackoverflow-Thread . 这是一个很好的线程,解释了为什么以及如何在Android上执行此操作: Stackoverflow-Thread 。 Basically, you must reckon that somebody will retrieve the sqlite database, and it's then very easy to find out weak passwords (with the help of rainbow-tables) if fast hashing algorithms (eg MD5) have been employed. 基本上,你必须认为有人会检索sqlite数据库,然后很容易找到弱密码(在rainbow-tables的帮助下)如果使用了快速哈希算法(例如MD5)。 Password salts do help, but only against google attacks . 密码盐确实有帮助,但仅限于谷歌攻击 。 Bcrypt hashes (+ salt!) are much slower to generate (which is good), making even weak passwords hard to crack. Bcrypt哈希(+盐!)生成得慢得多(这很好),甚至弱密码难以破解。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.