Hashing in SQL

Poking around I ran into an article that showed how to hash input or variables in SQL. It is very important to note that the output hash will vary depending on your input data type. So hashing nvarchar will give you a different result than hashing nchar.

Also please note that this sort of thing might be considered bad practice by some as it requires your user’s data to go through yet another connection (webserver to sql server) which might possibly be unencrypted and sniffed.

Here is the MSDN example almost verbatim:

DECLARE @HashThis nvarchar(4000);
SELECT @HashThis = CONVERT(nvarchar(4000),'some text');

Here is how I tested it though I don’t recommend you do it this way.

SELECT HASHBYTES('SHA1', 'password');

The following algorithms are available, unfortunately they vary by server year:

  • MD2
  • MD4
  • MD5
  • SHA
  • SHA1
  • SHA2_256 (2012 Only)
  • SHA2_512 (2012 Only)

http://msdn.microsoft.com/en-us/library/ms174415(v=sql.110).aspx” title=”http://msdn.microsoft.com/en-us/library/ms174415(v=sql.110).aspx