Difference between GetHashCode() method and ComputeHash()

P

Prasad

Hi,
I am trying to encrypt password for a user record in a sql database. I
want to know what is difference between or which is better and
efficient for encryption GetHashCode() method from object class or
ComputeHash() method from MD5CryptoServiceProvider class.
 
R

rogers.terry

Hi,
I am trying to encrypt password for a user record in a sql database. I
want to know what is difference between or which is better and
efficient for encryption GetHashCode() method from object class or
ComputeHash() method from MD5CryptoServiceProvider class.
Click to expand...

GetHashCode is a simple hash, approriate for use in a Hashtable (or
generic Dictionary), but should not be considered cryptographically
secure.

ComputeHash of a HashAlgorithm is a secure hash (i.e. cannot be easily
reversed), approriate for storing passwords in a database.
SHA1 is preferred to MD5 (http://en.wikipedia.org/wiki/
Md5#Vulnerability)

So for passwords you should use something like:

using System.Security.Cryptography;
using System.Text;
//...
public static byte[] GetPasswordHash(string password)
{
HashAlgorithm algorithm = SHA1.Create();
byte[] data = Encoding.Unicode.GetBytes(password);
return algorithm.ComputeHash(data);
}

Terry.
 
P

Prasad

Hi,
I am trying to encrypt password for a user record in a sql database. I
want to know what is difference between or which is better and
efficient for encryption GetHashCode() method from object class or
ComputeHash() method from MD5CryptoServiceProvider class.
Click to expand...

GetHashCode is a simple hash, approriate for use in a Hashtable (or
generic Dictionary), but should not be considered cryptographically
secure.

ComputeHash of a HashAlgorithm is a secure hash (i.e. cannot be easily
reversed), approriate for storing passwords in a database.
SHA1 is preferred to MD5 (http://en.wikipedia.org/wiki/
Md5#Vulnerability)

So for passwords you should use something like:

using System.Security.Cryptography;
using System.Text;
//...
public static byte[] GetPasswordHash(string password)
{
  HashAlgorithm algorithm = SHA1.Create();
  byte[] data = Encoding.Unicode.GetBytes(password);
  return algorithm.ComputeHash(data);

}

Terry.
Click to expand...

Thank you Terry, I will try it.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trying to creade method .between() 3
The distinction between a java applet and an application 1
[For Beginners)Difference between Java and JavaScript 3
Can't execute php to delete multiple rows in database 3
Registration Form 7
Difference between these two lists? 7
Collecting multiple items and saving to one list item, for eventual storage as a record. 8
what is the difference between commenting and uncommenting the__init__ method in this class? 2

Members online

No members online now.
Total: 32 (members: 1, guests: 31)
Robots: 67

Forum statistics

Threads
473,770
Messages
2,569,584
Members
45,079
Latest member
ElidaWarin

Latest Threads

Top