Solution: Store a Salted Hash of the Password

The chief problem in this antipattern is that the original form of the password is readable. Instead, you should authenticate the user’s input against a password without reading it. This section describes how to implement this kind of secure password storage in an SQL database.

Understanding Hash Functions

Encode the password using a one-way cryptographic hash function. This transforms its input string into a new string, called the hash, that is unrecognizable. Even the length of the original string is obscured, because the hash returned by a hash function is a fixed-length string. For example, the SHA-256 algorithm converts our example password, xyzzy, to a 256-bit string of bits, usually represented ...

Get SQL Antipatterns, Volume 1 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.