以纯文本格式存储密码确实不是一个好主意.永远不要那样做.

您可以将密码转换为代码级别的哈希，并以字符串形式存储在数据库中.您正在使用C#或其他工具吗?

Storing passwords in plain text is really bad idea. Don''t ever do that.

You can convert the password into hash in code level and store in the database as a character string. Are you working with C# or something else?

1.编写一个快速的控制台应用程序以对SQL外部的密码进行哈希处理.
2.是的，盐.

1. Write a quick console app to hash the passwords outside of SQL.
2. Yes, salt.

您将不得不在数据库中添加另一列pwd_salt
并随机生成pwd_salt

将pwd + pwd_salt连接到字符串
将字符串转换为字节
并使用.net类的System.Security.Cryptography.SHA1Managed中的computehash函数来计算哈希.

You will have to add another column pwd_salt in the database
and generate the pwd_salt randomly

concate pwd + pwd_salt to a string
convert string to bytes
and use computehash function from System.Security.Cryptography.SHA1Managed of .net class to compute hash.