Login/Register
Size of MD5 hash generated
Asked Answered
Solved c#hashform-authentication
E

3

9

I would be using MD5 hashing to store encrypted passwords. Password can be 6 to 40 characters long. What is the database column size required for storing the encrypted password. Also, if 40 characters hash size is very large, then how much hash size would a 20 character password take?

I am using FormsAuthentication.HashPasswordForStoringInConfigFile(stringToEncrypt, "MD5"); to generate hash for storing in Database.

Eyrir answered 9/8, 2011 at 8:4 Comment(2)
hashing != encryptingAbarca
Also don't use MD5 for passwords. Use a computationally expensive hash algorithm like BCrypt or SCrypt so they are hard to reverse by brute force.Tatouay
B
31

A hash algorithm always maps an arbitrary sized message to a fixed-length representation. In other words, you can hash an empty string or many gigabytes of information. The hash size is always fixed.

In your case the hash size is 128 bits. When converted to an ASCII string it would be a 32 character string that contains only hexadecimal digits.

Buckwheat answered 9/8, 2011 at 8:12 Comment(2)
Thanks a lot. I will use a 32 char column to store the hashed password.Eyrir
Remember, if you're manually hashing passwords, you're doing it wrong. Please use bcrypt.Gingergingerbread
S
7

http://msdn.microsoft.com/en-us/library/system.security.cryptography.md5.aspx

The hash size for the MD5 algorithm is 128 bits, regardless of the length of the string being hashed.

Consider using a newer hashing functions like SHA 256.

Shaper answered 9/8, 2011 at 8:8 Comment(1)
Or for storing passwords, use bcrypt.Gingergingerbread
G
3

MD5 hashes are always exactly 16 bytes (128 bits) long, no matter how long the input is.

Gingergingerbread answered 9/8, 2011 at 8:7 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.