数据库身份证号加密密码加密_您是否应该加密数据库中的电子邮件

数据库身份证号加密密码加密

When I was working on my user management system, I thought about how to store the email addresses in the database. I wanted as much security as possible while maintaining a functional app. Because email addresses need to be accessible to send emails, they cannot be strongly encrypted with a password derived key. However, while it would certainly be bad to lose emails, they aren’t quite as bad as credit cards or social security numbers. Therefore, you may be able to get away with storing them in cleartext or using obfuscation. You should always focus on making sure that your server cannot be hacked, but if your database gets compromised, it would be nice to have an extra layer of security.

在使用用户管理系统时，我想到了如何在数据库中存储电子邮件地址。 我希望在维护功能正常的应用程序时尽可能获得更高的安全性。 因为发送电子邮件需要访问电子邮件地址，所以不能使用密码派生密钥对电子邮件地址进行严格加密。 但是，虽然丢失电子邮件肯定很糟糕，但它们却不如信用卡或社会保险号那么糟糕。 因此，您可能可以将它们以明文形式存储或使用混淆处理。 您应该始终专注于确保服务器不会被黑客入侵，但是，如果您的数据库遭到入侵，那么拥有额外的安全层将是一件好事。

为什么要加密电子邮件地址？ (Why encrypt email addresses?)

With data security becoming more of a concern lately, you want to make sure to store user data securely. First of all, you should focus on preventing any database leaks in general, but in the unfortunate case that it is compromised anyway, it would be nice to have additional protection. And on that note, you should strongly consider what data you need to store. After all, the best protection against losing data is not saving it in the first place.

近年来，随着数据安全性越来越受到关注，您需要确保安全地存储用户数据。 首先，通常应该着重于防止任何数据库泄漏，但是在不幸的情况下，无论如何它都会受到损害，最好有附加的保护。 并请注意，您应该强烈考虑需要存储哪些数据。 毕竟，防止丢失数据的最佳保护措施并不是一开始就将其保存。

There are three categories of data: passwords, user data, and user data, that needs to be known by the app. Passwords can be stored as hash values because they are only used for authorization and with a modern hashing algorithm and salt they are going to be fine. User data, that is only accessed by the user himself, can be stored strongly encrypted with a key derived from the password when the user logs in. This means the ke