Tetiana Azarova
Last answered:

23 Aug 2023

 Posted on:

29 Jul 2023
0

varchar better for passwords? Security

in SQL / String data types

Hi!

Heard that as a measure of security, it's good to set a fixed length for a password regardless of how long the actual password is - so that the time of checking (comparing) doesn't vary.

Would setting it as a char be the way to do that? Or there's some other - more advanced - mechanism in place?

1 answers ( 0 marked as helpful)
Tsvetelin Tsonkov
Instructor
Posted on:

23 Aug 2023
0

Hi Tetiana!
Thanks for reaching out.


You can see that VARCHAR is beneficial if the length of the string that you are storing is variable. The reason why CHAR is often used for password fields is because the output of hashing algorithms is consistent regardless of the length of input.


Hope this helps.
Best,
Tsvetelin

Submit an answer

related questions

Avtandil Chakhnashvili
3
4
It'd be better to include emp_no in columns
Shaterra Byrd
0
2
VARCHAR QUESTION