G
Guest
How do I encrypt passwords before saving in the database
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
S
Steve C. Orr [MVP, MCSD]
Here's a concise article on hashing passwords:
http://www.aspnetpro.com/NewsletterArticle/2003/04/asp200304so_l/asp200304so_l.asp
And here's some articles using other encryption techniques:
http://www.fawcette.com/vsm/2002_08/online/hottips/fergus/default.asp
http://www.devx.com/security/article/7019
http://www.aspnetpro.com/NewsletterArticle/2003/04/asp200304so_l/asp200304so_l.asp
And here's some articles using other encryption techniques:
http://www.fawcette.com/vsm/2002_08/online/hottips/fergus/default.asp
http://www.devx.com/security/article/7019
E
Eliyahu Goldin
Tayo,
The recommended way of storing passwords is hashing. Hashing works one way,
you can't calculate the actual password out of hash value. DotNet implements
hashing in function
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile
You might want to use salt values for better security. Look at
http://www.microsoft.com/downloads/...FamilyID=055FF772-97FE-41B8-A58C-BF9C6593F25E
for the full explanation.
Eliyahu
The recommended way of storing passwords is hashing. Hashing works one way,
you can't calculate the actual password out of hash value. DotNet implements
hashing in function
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile
You might want to use salt values for better security. Look at
http://www.microsoft.com/downloads/...FamilyID=055FF772-97FE-41B8-A58C-BF9C6593F25E
for the full explanation.
Eliyahu
N
Nick Gilbert
The recommended way of storing passwords is hashing.
Don't forget that if you choose to store the password as a hash, you
will never be able to remind the user of their password (there is no way
to get the password out of the hash). Instead you will need to provide a
reset password feature which perhaps, changes the password to random
chars and e-mails it to them.
Nick...
Don't forget that if you choose to store the password as a hash, you
will never be able to remind the user of their password (there is no way
to get the password out of the hash). Instead you will need to provide a
reset password feature which perhaps, changes the password to random
chars and e-mails it to them.
Nick...
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Similar Threads
Forum statistics
Latest Threads
-
What steps are the key steps involved in designing a product?
- Started by remotedevelopers
-
How to fetch and console.log all items from an associative array
- Started by John Keets
-
The *Best Python Cheat Sheet
- Started by kmh
-
Programming Blog
- Started by WhiteCube
-
Why getting 404 errors?
- Started by IBMJunkman
-
Wonky image crisis
- Started by OBXKH
-
JS exercise ''find the mistake'' not understood well
- Started by Chris
-
How does Mobile App Development company approach user experience (UX)?
- Started by remotedevelopers
-
Media query issue
- Started by OBXKH