
How to Encrypt Passwords in Your Database(s)?

With the ever-increasing rate of hacks and attacks, more and more individuals across the web have started realizing the need to keep their website(s) secure. One way to do this is to implement password encryption for your database. When building a password-protected website, it is also important to determine a way to keep users' login details from getting into the hands of attackers.

We hear people saying that they wish to secure their website and the data it includes. But what does the term “secure” mean? One should be aware that the data within the website's database isn’t secure. If the database password falls into the wrong hands, all the measures that you’ve taken to secure your site would be in vain. We come across many users who use some sort of non-standard ciphering software whose algorithm is no good. Instead, users can opt for a standardized algorithm, for example MD5 (Message Digest Algorithm 5).

This algorithm is popular and is considered even by experts in the industry. Message Digest Algorithm 5 is an encryption technique that uses a one-way hash algorithm. The main benefit of using MD5 encryption is that it does not allow anyone to revert an encrypted output to the initial, plain-text input. Whatever the input is, MD5 always maps it to the same encrypted value. This assures webmasters that the stored passwords would never be disclosed or accessible to anybody. With this encryption technique, even if a hacker is able to breach your database, he would only have “Read” permissions and not “Write” capabilities, which prevents him from making any changes in it.

There are certain drawbacks to MD5 encryption as well. One should not consider MD5 encryption completely dependable. In case the password that you have set isn’t very strong, there is a chance that a brute-force attack can help the attacker get to know it. Therefore, it is of the utmost importance for users to set a complex password for their websites, which should also be changed on a frequent basis.
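The fixed input-to-output mapping and the weak-password drawback described above, as an added Python example that is not code from the original article: with unsalted MD5, accounts that share a password store identical values, which anyone able to read the table can see. Beside it is a salted PBKDF2-HMAC-SHA256 record, a substituted technique the article does not cover; the function names, record format, iteration count and sample accounts are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor, not from the article; tune per server

# Constructed sample accounts: two users happen to pick the same password.
SAMPLE_USERS = {"alice": "Summer2024", "bob": "Summer2024", "carol": "x9!Lq-27vTz"}


def md5_record(password: str) -> str:
    """Unsalted MD5 as the article describes it: same input, same stored value."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def kdf_record(password: str) -> str:
    """Salted, deliberately slow record in the form 'iterations$salt_hex$hash_hex'."""
    salt = os.urandom(16)  # fresh random salt for every account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def kdf_verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and count, then compare in constant time."""
    try:
        iterations, salt_hex, hash_hex = record.split("$")
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(hash_hex))
    except (ValueError, OverflowError):
        return False  # malformed or truncated record: reject instead of raising


def shared_password_groups(table: dict) -> list:
    """Group users whose stored values are byte-for-byte identical."""
    by_value = {}
    for user, value in table.items():
        by_value.setdefault(value, []).append(user)
    return [sorted(users) for users in by_value.values() if len(users) > 1]


def build_tables():
    md5_table = {u: md5_record(p) for u, p in SAMPLE_USERS.items()}
    kdf_table = {u: kdf_record(p) for u, p in SAMPLE_USERS.items()}
    return md5_table, kdf_table


if __name__ == "__main__":
    md5_table, kdf_table = build_tables()
    print("MD5 shared:", shared_password_groups(md5_table), "| PBKDF2 shared:", shared_password_groups(kdf_table))
```

Running the audit function over an existing credentials table is a quick check for whether stored values are unsalted.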

An obvious question arises: despite knowing these facts, why must we use MD5 encryption? The reason is that this algorithm is fast, simple and really powerful.

Most website owners do not realise the basic fact that password encryption on its own is of little use. It only keeps your passwords protected, not your entire website. If your website is poorly coded and has loopholes, then attackers can exploit such weaknesses and cause serious damage, which might even include a compromised list of your highly confidential user details. This can only be avoided if you have a well-written website with sufficient information encryption. By doing this, hackers have next to no scope for causing damage. Even if they try to crack the encryption of the password, they would barely achieve success, because it requires a lot of time and processing strength to achieve the results they expect. And, thinking from a hacker's perspective, no one can spend so long trying to decrypt a strongly encrypted password. Furthermore, it is important to maintain website and database backups on a regular basis. To understand the procedure for taking a backup of your database, please refer to:

It doesn't matter whether your website is hosted on a Dedicated Hosting server or any other Affordable Web Hosting package; MD5 encryption is supported on all types of packages.


Translated from: https://www.eukhost.com/blog/webhosting/how-to-encrypt-passwords-in-your-database/



