Should the hash be stored in binary or hexadecimal?

Question

Should the hash be stored in binary or hexadecimal?

I usually store it in a hexadecimal number, but I understand that I could save half the space if I store it in binary format inside MySQL. Are there any problems that I should know about if I decide to save them in binary format?

+7

security php mysql passwords hash

IMB Aug 08 '12 at 18:44

source share

2 answers

In terms of usability, it is best to store the hash in hexadecimal. Saving them in binary format means that another step is required to compare conventional text input with a saved password. It can also add a layer of confusion to everyone who will work on your project after you move on. "Why is this password stored in binary format?"

+4

Stieffers Aug 08 '12 at 18:48

source share

Leigh · Accepted Answer · 2012-08-08T18:46:02+0000

How many passwords are you going to store? Does half space really mean a lot to you?

You probably represent the hexadecimal passwords in your application, so storing them in binary format adds another level of complexity and processing overhead when performing any operations on these passwords.

My opinion is that you should store them in such a way that it is convenient for you to work, and not one that saves you a small amount of space.

Edit:

Let's go make some assumptions and take the opportunity to help you a little further.

Since your passwords are in hexadecimal, I assume you are not using crypt , and if you are not, you should be. In the worst case scenario, you use md5 ... and god kills the kittens.

There are many questions and answers about bcrypt on stack overflow already, so I will not cover the information again here.

The SHA512 question against Blowfish and Bcrypt is a good place to start.

Also read some @ircmaxell posts in this thread:

Should the hash be stored in binary or hexadecimal?

More articles: