The MD5 algorithm
How are passwords stored in the database? Plain text or ciphertext? Obviously as a responsible company the passwords should be stored in ciphertext in the database so that if the database was breached the passwords would not be exposed if they were encrypted
MD5 Algorithm introduction
MD5 is a hash algorithm used to ensure the integrity of information. A piece of information corresponds to a hash value and cannot be derived from the hash value, and it is necessary to ensure that no two different pieces of information correspond to the same hash value.
Java implementations use THE MD5 algorithm for encryption
Required dependencies: Commons-codec
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
</dependency>
Copy the codeImplementation:
String str = "admin";
// Use the DigestUtils utility class
String s = DigestUtils.md5Hex(str);
System.out.println("MD5 encryption result :"+s);
Copy the codeAdd salt to the operation
Although the MD5 algorithm encryption can not be decrypted, but some simple, high frequency passwords are still very likely to be cracked and recorded, such as: 123456, admin,root, etc. Then what to add salt? Is to encrypt the original string according to their own ideas to add some regular irregular strings
For example: Encrypted string: 123456 Salt: Encrypted string: 123456abcd
Java implementation of salt operation
String salter = "Salted string";
String str = "admin";
// Use the DigestUtils utility class
String s = DigestUtils.md5Hex(str+salter);
System.out.println("MD5 encryption result :"+s);
Copy the codeNode.js implements MD5 encryption and salting
NPM crypto download
npm install crypto
Code:
var crypto = require('crypto')
/ / add salt
let str = "admin"
let salt = 'Node'
str = str + salt
let obj = crypto.createHash('md5')
obj.update(str)
let strHex = obj.digest('hex')
console.log(strHex)
Copy the code