Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 1.0 and 1.1 > ASP.NET 1.0 and 1.1 Basics
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
ASP.NET 1.0 and 1.1 Basics ASP.NET discussion for users new to coding in ASP.NET 1.0 or 1.1. NOT for the older "classic" ASP 3 or the newer ASP.NET 2.0.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 1.0 and 1.1 Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old April 25th, 2007, 12:50 AM
Authorized User
 
Join Date: Jun 2006
Location: Hyderabad, Andhrapradesh, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default Password encryption and storage in the database.

Dear all,

I have developed an application which allows user to register and there by choose their own userid and password.

As of now i'm capturing the password field in plain text and also storing the password in the database as plain text.

I want to encrypt the password, store in database and fetch the password from the database, decrypt it and use it for comparision, so as to validate the user. please tell me how to make it possible.

If possible give some references.

Intellectuals solve problems but Genious avoid problems.
__________________
Intellectuals solve problems but Genious avoid problems.
  #2 (permalink)  
Old April 25th, 2007, 02:13 AM
Friend of Wrox
Points: 1,935, Level: 17
Points: 1,935, Level: 17 Points: 1,935, Level: 17 Points: 1,935, Level: 17
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2004
Location: United Kingdom
Posts: 550
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi

Check the link below for assistance:

http://www.codeproject.com/useritems...MD5_TriDES.asp

Regards
Mike

Fortune favours the brave, so don't regret on missed oppurtunities.
  #3 (permalink)  
Old April 25th, 2007, 07:07 AM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

The best way I've found to do this is to store a 1-way hash of the password.

There is a method within the forms authentication class: FormsAuthentication.HashPasswordForStoringInConfig File

http://msdn2.microsoft.com/en-us/lib...onfigfile.aspx

The idea is that when the user creates the account, you hash the password and store that. Then when they log in, you hash the password they entered, get the hashed value from the DB, then compare the two hashed values. Then you don't have to decrypt anything. This is actually more secure, because uses a hash algorithm instead of an encryption algorithm (which will have a matching decryption).

-Peter
  #4 (permalink)  
Old April 26th, 2007, 01:14 AM
Authorized User
 
Join Date: Jun 2006
Location: Hyderabad, Andhrapradesh, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks a lot sir.

It worked. i used md5 hashing procedure.

Intellectuals solve problems but Genious avoid problems.
  #5 (permalink)  
Old July 30th, 2008, 05:03 AM
Authorized User
 
Join Date: Jul 2007
Location: Bangalore, Karnataka, India.
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to mujahidkhaleel
Default

Simple method to hash password using MD5 can be found here http://www.ripplecreations.com/techn...md5-csharp.php



Mujahid Khaleel
Web applications and security
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Storing password using encryption from JAVA inderjeet_79 Java Databases 3 October 11th, 2007 04:11 AM
Password encryption decryption, storage in databas zaheerabbas.sk ASP.NET 1.0 and 1.1 Professional 1 April 25th, 2007 02:15 AM
password encryption angshujit ASP.NET 2.0 Basics 1 January 4th, 2007 03:34 PM
password encryption kosla78 Classic ASP Professional 6 July 12th, 2006 03:50 PM
Password Storage in an App ginoitalo Beginning VB 6 0 August 13th, 2004 08:41 AM



All times are GMT -4. The time now is 08:26 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.