> On April 29, 2017 at 4:22 AM David Mehler <dave.meh...@gmail.com> wrote:
> 
> 
> Hello,
> 
> I have a few questions on password schemes. Is SHA512 the most secure?
> Is there a difference between SHA512 and SHA512-CRYPT? What about
> SSHA512 and SSH512-CRYPT?
> 
> Is there a problem with this sql statement:
> 
> UPDATE virtual_users SET password=CONCAT(‘{SHA256-CRYPT}’, ENCRYPT
> (‘Password Goes Here’, CONCAT(‘$5$’, SUBSTRING(SHA(RAND()), -16))))
> WHERE user=’u...@example.com’;
> 
> I'm getting an error 1064 at the ending email address.
> 
> Thanks.
> Dave.

SSHA512 is salted SHA512, SHA512-CRYPT is crypt(3) compatible salted hash. 
PCKS5 or SHA512-CRYPT with over 1000 rounds is probably very secure, but 
SHA512-CRYPT is also good. Using SHA512 is not recommended, as it's unsalted 
hash.

If ENCRYPT is same as crypt(3) then you can try put rounds into salt, like 
"$6$rounds=4000$s9Zc4OA11IuLt/iV$".

Aki

Reply via email to