Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Should security question answers be hashed?

Tags:

php

mysql

hash

md5

I'm working to a security system for a web application - admin section. If one admin want to make some important changes in application he will need to a answer to a security question.

My question is: the answer to this question should be hashed in database?

Also, I'm thinking to give to the administrators posibility to change their question/answer but admin could do this just if he confirm his identity using password. Is this a good approach?

like image 388
morandi3 Avatar asked Apr 21 '11 16:04

morandi3

Video Answer

1 Answers

Yes, but be sure to normalize it before hashing - lowercase it, consider removing all characters that aren't alphanumeric, etc. If I enter "ceejayoz" as my question, it should probably accept " CEEJAYOZ " as well.

like image 192
ceejayoz Avatar answered Oct 04 '22 00:10

ceejayoz
Sign in to Comment

Related questions

PHP Ampersand in String
How to check if php-fpm is installed and running correctly?
How can I randomize an array in PHP by providing a seed and get the same order?
PHP: How to calculate person age in months
How do I use JSON objects from Facebook with PHP?
How to keep DOMDocument from saving < as &lt
Best practice: Use same form for creation and update
PHP File Download using POST data via jQuery AJAX
The way PDO parametrized query works
Adding new line in excel cell generated via html
Check if some email address register at gravatar?
Unix timestamp before 1970 (even before 1700), using PHP
php include and closing tag
Does die() do an ob_end_flush()?
PHP fast random string function
Finding PHP scripts that require register_globals
PHP protection of GET parameters
PO Box Validation
Content-Transfer-Encoding in file uploading request
Why would sort fail?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!