patternsqlMinor
MySQL secure random string generator
Viewed 0 times
randomsecuregeneratormysqlstring
Problem
I am looking to generate a cryptographically secure string for password reset in MySQL. I know I could do this at the application level in PHP; but that requires the OpenSSL extension which many of my customers might not have.
If I can do it in MySQL 5 in a secure way that is widely available that would be ideal. Is this possible?
Note: This is for generating a secure token for password reset. It doesn't have anything to do with a secure connection, so using https is not a solution.
If I can do it in MySQL 5 in a secure way that is widely available that would be ideal. Is this possible?
Note: This is for generating a secure token for password reset. It doesn't have anything to do with a secure connection, so using https is not a solution.
Solution
There are many encryption methods available in mySQL.
If you need two way encryption you could use
If if you only need a secure hash then you could use
The following statement could get you a similar result to
The statement above takes
If you need two way encryption you could use
aes_encrypt which has the accompanying aes_decryptIf if you only need a secure hash then you could use
sha2The following statement could get you a similar result to
openssl_random_pseudo_bytesSELECT HEX(SHA2(CONCAT(NOW(), RAND(), UUID()), 512));The statement above takes
NOW() and concatenates it with RAND() and a UUID(), then performs a 512 bit SHA2() encryption on the result, and then converts that to HEX()Code Snippets
SELECT HEX(SHA2(CONCAT(NOW(), RAND(), UUID()), 512));Context
StackExchange Database Administrators Q#119746, answer score: 4
Revisions (0)
No revisions yet.