SQL Server Management Studio: How to edit MD5 value
I have table [user], created in SQL Server Management Studio, with this structure:
id int PRIMARY NOT NULL
login varchar(255) NOT NULL
password varchar(32) NOT NULL
Now, I want to insert first user into database. Right click to table [user], choose Edit top 200 rows and type new user values into the grid:
id | login | password
1 | admin | MD5('admin')
But after save, inserted password is MD5('admin'), but I expect the 21232f297a57a5a743894a0e4a801fc3 hash.
How can I do that in Microsoft SQL Server Management Studio?
Thanks
P.S. I am using SQL Server 2008 Express 10.50.1600.1 and Microsoft SQL Server Management Studio 10.50.1600.1.
Answer
- hash values are byte arrays, not character strings. Use VARBINARY column type.
- Do not insert MD5 of unsalted passwords. It takes 2.96 seconds to reverse crack online the hash to the password. Use a properly salted password and write the salt in the table.
Right click to table [user], choose Edit top 200 rows and type new user values into the grid. Well, what do you expect? The table edit is a feature to enter values, and if you enter the stringMD5('admin')then the value in the table will be...MD5('admin'). It is not an interactive function evaluator (aside from MD5 not being a SQL Server function...)
Do not reinvent the wheel, specially do not reinvent a security wheel if you don't speak fluent crypto. Most frameworks have modules for membership management. Eg. Introduction to Membership.