SQL Antipatterns, Volume 1

by Bill Karwin
October 2022
Content level: Intermediate to advanced
380 pages
9h 35m
English
Pragmatic Bookshelf
Content preview from SQL Antipatterns, Volume 1

Solution: Store a Salted Hash of the Password

The chief problem in this antipattern is that the original form of the password is readable. Instead, you should authenticate the user’s input against a password without reading it. This section describes how to implement this kind of secure password storage in an SQL database.

Understanding Hash Functions

Encode the password using a one-way cryptographic hash function. This transforms its input string into a new string, called the hash, that is unrecognizable. Even the length of the original string is obscured, because the hash returned by a hash function is a fixed-length string. For example, the SHA-256 algorithm converts our example password, xyzzy, to a 256-bit string of bits, usually represented ...
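The storage and check described in this section, as an added example that is not code from the book. It goes beyond the preview text in one respect: the hash is PBKDF2-HMAC-SHA256 (many SHA-256 iterations) rather than a single SHA-256 pass. The `Accounts` table, its column names, the account names and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a fixed-length 32-byte hash from the password and a per-account salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def open_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    # Hypothetical schema: only the salt and the hash are stored, never the password.
    db.execute(
        "CREATE TABLE Accounts ("
        " account_name TEXT PRIMARY KEY,"
        " salt BLOB NOT NULL,"
        " password_hash BLOB NOT NULL)"
    )
    return db


def register(db, name, password):
    salt = os.urandom(16)  # fresh random salt for every account
    db.execute(
        "INSERT INTO Accounts (account_name, salt, password_hash) VALUES (?, ?, ?)",
        (name, salt, hash_password(password, salt)),
    )


def authenticate(db, name, password) -> bool:
    row = db.execute(
        "SELECT salt, password_hash FROM Accounts WHERE account_name = ?", (name,)
    ).fetchone()
    if row is None:
        # Unknown account: do the same hashing work so timing does not reveal it.
        hash_password(password, b"\x00" * 16)
        return False
    salt, stored = row
    # Recompute the hash from the submitted input and compare in constant time;
    # the original password is never read back because it was never stored.
    return hmac.compare_digest(hash_password(password, salt), stored)
```

Because each account gets its own salt, two accounts that share the password `xyzzy` still end up with different stored hashes of identical length.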



Publisher Resources

ISBN: 9798888650011