search for: pcks5

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

...e?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) >> WHERE user=?user at example.com?; >> >> I'm getting an error 1064 at the ending email address. >> >> Thanks. >> Dave. > > SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. > PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but > SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted > hash. > > If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like > "$6$rounds=4000$s9Zc4OA11IuLt/iV$"....

...}?, ENCRYPT > (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) > WHERE user=?user at example.com?; > > I'm getting an error 1064 at the ending email address. > > Thanks. > Dave. SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted hash. If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like "$6$rounds=4000$s9Zc4OA11IuLt/iV$". Aki

...))) > >> WHERE user=?user at example.com?; > >> > >> I'm getting an error 1064 at the ending email address. > >> > >> Thanks. > >> Dave. > > > > SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. > > PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but > > SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted > > hash. > > > > If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like > > "$6$rounds=4000...