Wrox Programmer Forums
Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 1.0 and 1.1 > ASP.NET 1.0 and 1.1 Basics
Reload this Page Password encryption and storage in the database.
|
ASP.NET 1.0 and 1.1 Basics ASP.NET discussion for users new to coding in ASP.NET 1.0 or 1.1. NOT for the older "classic" ASP 3 or the newer ASP.NET 2.0.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 1.0 and 1.1 Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old April 25th, 2007, 12:50 AM
Authorized User
  
Join Date: Jun 2006
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default Password encryption and storage in the database.
Dear all,

I have developed an application which allows user to register and there by choose their own userid and password.

As of now i'm capturing the password field in plain text and also storing the password in the database as plain text.

I want to encrypt the password, store in database and fetch the password from the database, decrypt it and use it for comparision, so as to validate the user. please tell me how to make it possible.

If possible give some references.

Intellectuals solve problems but Genious avoid problems.
__________________
Intellectuals solve problems but Genious avoid problems.
 
Old April 25th, 2007, 02:13 AM
Friend of Wrox
  
Join Date: Aug 2004
Posts: 550
Thanks: 0
Thanked 1 Time in 1 Post
Default
Hi

Check the link below for assistance:

http://www.codeproject.com/useritems...MD5_TriDES.asp

Regards
Mike

Fortune favours the brave, so don't regret on missed oppurtunities.
 
Old April 25th, 2007, 07:07 AM
planoie's Avatar
Friend of Wrox
  
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default
The best way I've found to do this is to store a 1-way hash of the password.

There is a method within the forms authentication class: FormsAuthentication.HashPasswordForStoringInConfig File

http://msdn2.microsoft.com/en-us/lib...onfigfile.aspx

The idea is that when the user creates the account, you hash the password and store that. Then when they log in, you hash the password they entered, get the hashed value from the DB, then compare the two hashed values. Then you don't have to decrypt anything. This is actually more secure, because uses a hash algorithm instead of an encryption algorithm (which will have a matching decryption).

-Peter
 
Old April 26th, 2007, 01:14 AM
Authorized User
  
Join Date: Jun 2006
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Thanks a lot sir.

It worked. i used md5 hashing procedure.

Intellectuals solve problems but Genious avoid problems.
 
Old July 30th, 2008, 05:03 AM
Authorized User
  
Join Date: Jul 2007
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mujahidkhaleel
Default
Simple method to hash password using MD5 can be found here http://www.ripplecreations.com/techn...md5-csharp.php



Mujahid Khaleel
Web applications and security





Similar Threads
Thread Thread Starter Forum Replies Last Post
Storing password using encryption from JAVA inderjeet_79 Java Databases 3 October 11th, 2007 04:11 AM
Password encryption decryption, storage in databas zaheerabbas.sk ASP.NET 1.0 and 1.1 Professional 1 April 25th, 2007 02:15 AM
password encryption angshujit ASP.NET 2.0 Basics 1 January 4th, 2007 03:34 PM
password encryption kosla78 Classic ASP Professional 6 July 12th, 2006 03:50 PM
Password Storage in an App ginoitalo Beginning VB 6 0 August 13th, 2004 08:41 AM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.