MySQL Forums
Forum List  »  Security

Why is ENCRYPT() depreciated when it can be used to create secure hashes? What's a good alternative?
Posted by: Aritz Beobide-Cardinal
Date: September 02, 2017 09:03AM

Now, usually my programs would hash passwords before interacting with MySQL, but I've ran into a situation where MySQL has to do some of that work.

So, according to https://dev.mysql.com/worklog/task/?id=8126 , ENCRYPT() is depreciated because the underlying unix crypt() function uses DES, however, by using this function correctly, you can create secure hashes as described in https://security.stackexchange.com/questions/150687/is-it-safe-to-use-the-encrypt-function-in-mysql-to-hash-passwords

In the documentation, it is suggested to use AES_ENCRYPT() as an alternative, but I don't understand how a 1 way hashing function could have a 2 way encryption function as an alternative.

Since I know that ignoring deprecated warnings aren't generally a good idea for the longevity of my project, I would like to know how to store things like passwords securely using 1 way functions.

Options: ReplyQuote


Subject
Views
Written By
Posted
Why is ENCRYPT() depreciated when it can be used to create secure hashes? What's a good alternative?
855
September 02, 2017 09:03AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.