According to the characteristics of the MD5 algorithm, we can regard the MD5 encryption process as a function calling process. It is recommended that the following modifications must be made. This can ensure the security of your website users and data to a certain extent. 1. Modify the four important constants of the MD5 algorithm. , this is the shortest way. Its characteristic is that the encrypted data is very similar to that before encryption, but will not be cracked.
2. Encrypt multiple times, encrypt the MD5 encrypted data twice or three times, or re-extract part of the value after each encryption for re-encryption. For example, I love you, after encryption, 1E6986ACEC7BAE541AB7B37B99260DAF, we can take any part for re-encryption. , for example, take the first 18 bits 1E6986ACEC7BAE541 and then The encryption is E3E0A1F51038849583263FE1F1B8B3E9. This method is very simple to modify. For example, if the call in asp is md5(password), then you can change it to md5(left(md5(password),16)). In this way, it is very safe, that is, your data will be It is impossible to download and crack it.
3. Imitation MD5 encryption. As the name suggests, we do not use MD5 encryption, but use other algorithms, and then take part of the hash to ensure that it will not be cracked.
There are many methods. I am just here to introduce some ideas. I hope you can modify it yourself when making a website to ensure that it is foolproof. No matter what software you use, I hope everyone will be cautious. We call this modification method the MD5 private algorithm or private algorithm. MD5 algorithm.
It is recommended for some large programs such as Dongwang, Dongyi, and OBLOG programmers;
Don't use the conventional MD5 algorithm. Some people say that if you don't use the conventional algorithm, it's not MD5. The encryption method is flexible. I hope you can choose a suitable algorithm when making programs. You can modify MD5 appropriately, such as adding the ability to change MD5 in the configuration file for users. Influence function, when the user installs the program normally, the choice is given, and the key parts of the MD5 algorithm function are automatically modified, thus making a difference. The encryption results of website user passwords are different. When setting the initial administrator password, you can save the password with a higher encryption level and improve the security of your own program. 2. When making programs, you should absorb more new encryption and decryption knowledge, even if you use conventional methods, We should consider more security factors other than programs. In many cases, we are open source, so new technologies such as dynamically changing user passwords should also be adopted.
Recommendations for ordinary users:
1. Do not use passwords that are too simple, such as pure numbers, pure letters, birthdays, phone numbers, zip codes, etc. It is best to use letters + characters + numbers, such as 1980zg97@*&^bye. Characters are mainly input through SHIFT + numbers, so Just remember the numbers. For example, if you enter SHIFT+zg3450987zg Actual input ZG#¥%) (×※ZG is much stronger than ordinary passwords
2. Do not repeat passwords, but they should be regular. For example, your passwords are different, but they are all related. For example, if the difference is 99, your first password is 8795%$#%4213 and the second password can be 38795%. $#%421
3. Enter the password and use the mouse. For example, if you want to enter 123456, you can enter 456 first and then put the mouse in front and enter 123.