I'm going to run SHA256 on a password + salt, but I don't know how long to make my VARCHAR when setting up the MySQL database. What is a good length?
5 Answers
A sha256 is 256 bits long -- as its name indicates.
Since sha256 returns a hexadecimal representation, 4 bits are enough to encode each character (instead of 8, like for ASCII), so 256 bits would represent 64 hex characters, therefore you need a varchar(64), or even a char(64), as the length is always the same, not varying at all.
And the demo :
$hash = hash('sha256', 'hello, world!');
var_dump($hash);Will give you :
$ php temp.php
string(64) "68e656b251e67e8358bef8483ab0d51c6619f3e7a1a9f0e75838d41ff368f728"i.e. a string with 64 characters.
10Encoding options for SHA256's 256 bits:
- Base64: 6 bits per char =
CHAR(44)including padding character - Hex: 4 bits per char =
CHAR(64) - Binary: 8 bits per byte =
BINARY(32)
I prefer to use BINARY(32) since it's the optimized way!
You can place in that 32 hex digits from (00 to FF).
Therefore BINARY(32)!
2Why would you make it VARCHAR? It doesn't vary. It's always 64 characters, which can be determined by running anything into one of the online SHA-256 calculators.
3It will be fixed 64 chars, so use char(64)