I am looking to generate a cryptographically secure string for password reset in MySQL. I know I could do this at the application level in PHP; but that requires the OpenSSL extension which many of my customers might not have.
If I can do it in MySQL 5 in a secure way that is widely available that would be ideal. Is this possible?
Note: This is for generating a secure token for password reset. It doesn't have anything to do with a secure connection, so using https is not a solution.
Best Answer
There are many encryption methods available in mySQL.
If you need two way encryption you could use
aes_encrypt
which has the accompanyingaes_decrypt
If if you only need a secure hash then you could use
sha2
The following statement could get you a similar result to
openssl_random_pseudo_bytes
The statement above takes
NOW()
and concatenates it withRAND()
and aUUID()
, then performs a 512 bitSHA2()
encryption on the result, and then converts that toHEX()