What Column Type and Length Should I Use for Storing Bcrypt Hashed Passwords?

Bcrypt Hashed Password Storage: Column Type and Length Considerations

When storing Bcrypt hashed passwords in a database, it's crucial to choose an appropriate column type and length to ensure data integrity and security.

Column Type

For bcrypt-hashed passwords, the BINARY(60) or CHAR(60) BINARY column type is recommended to ensure proper storage of the hashed values. This is because Bcrypt produces fixed-length hashes typically comprising 60 bytes.

Hash Length

Bcrypt hashes are "stretched," requiring significant computational work to generate. As a result, Bcrypt hashes are always the same length. The salt and hashed output combined form a 53-character base-64-encoded value, resulting in a hash length of 60 bytes.

Justification

The Bcrypt algorithm uses a 128-bit salt and 186-bit hash, which are base-64-encoded to create a total length of 53 characters. Adding the initial identifier ("$2a$"), cost parameter (typically 2 digits), and trailing delimiter ("$") results in a total length of 60 bytes.

Therefore, when storing Bcrypt hashed passwords in a database, it is essential to use a column type that can accommodate the fixed length of 60 bytes. This ensures accurate storage and processing of the hashed passwords, safeguarding data integrity and security.

The above is the detailed content of What Column Type and Length Should I Use for Storing Bcrypt Hashed Passwords?. For more information, please follow other related articles on the PHP Chinese website!