# mysql – How long is the SHA256 hash?

## The Question :

256 people think this question is useful

I’m going to run SHA256 on a password + salt, but I don’t know how long to make my VARCHAR when setting up the MySQL database. What is a good length?

• Before anyone reading this decides to follow this advice and use SHA-* to hash passwords, PLEASE read this first.
• Unless you’re using SHA-256 on passwords, which you shouldn’t do, the hashes have a length of 256 bits, or 64 hexadecimal characters, or 43 alphanumeric characters, or 32 bytes.

354 people think this answer is useful

A sha256 is 256 bits long — as its name indicates.

Since sha256 returns a hexadecimal representation, 4 bits are enough to encode each character (instead of 8, like for ASCII), so 256 bits would represent 64 hex characters, therefore you need a varchar(64), or even a char(64), as the length is always the same, not varying at all.

And the demo :

$hash = hash('sha256', 'hello, world!'); var_dump($hash);



Will give you :

\$ php temp.php
string(64) "68e656b251e67e8358bef8483ab0d51c6619f3e7a1a9f0e75838d41ff368f728"



i.e. a string with 64 characters.

77 people think this answer is useful

Encoding options for SHA256’s 256 bits:

1. Base64: 6 bits per char = CHAR(44) including padding character
2. Hex: 4 bits per char = CHAR(64)
3. Binary: 8 bits per byte = BINARY(32)

30 people think this answer is useful

I prefer to use BINARY(32) since it’s the optimized way!

You can place in that 32 hex digits from (00 to FF).

Therefore BINARY(32)!

It will be fixed 64 chars, so use char(64)