G
Guest
How do I encrypt passwords before saving in the database
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
S
Steve C. Orr [MVP, MCSD]
Here's a concise article on hashing passwords:
http://www.aspnetpro.com/NewsletterArticle/2003/04/asp200304so_l/asp200304so_l.asp
And here's some articles using other encryption techniques:
http://www.fawcette.com/vsm/2002_08/online/hottips/fergus/default.asp
http://www.devx.com/security/article/7019
http://www.aspnetpro.com/NewsletterArticle/2003/04/asp200304so_l/asp200304so_l.asp
And here's some articles using other encryption techniques:
http://www.fawcette.com/vsm/2002_08/online/hottips/fergus/default.asp
http://www.devx.com/security/article/7019
E
Eliyahu Goldin
Tayo,
The recommended way of storing passwords is hashing. Hashing works one way,
you can't calculate the actual password out of hash value. DotNet implements
hashing in function
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile
You might want to use salt values for better security. Look at
http://www.microsoft.com/downloads/...FamilyID=055FF772-97FE-41B8-A58C-BF9C6593F25E
for the full explanation.
Eliyahu
The recommended way of storing passwords is hashing. Hashing works one way,
you can't calculate the actual password out of hash value. DotNet implements
hashing in function
System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile
You might want to use salt values for better security. Look at
http://www.microsoft.com/downloads/...FamilyID=055FF772-97FE-41B8-A58C-BF9C6593F25E
for the full explanation.
Eliyahu
N
Nick Gilbert
The recommended way of storing passwords is hashing.
Don't forget that if you choose to store the password as a hash, you
will never be able to remind the user of their password (there is no way
to get the password out of the hash). Instead you will need to provide a
reset password feature which perhaps, changes the password to random
chars and e-mails it to them.
Nick...
Don't forget that if you choose to store the password as a hash, you
will never be able to remind the user of their password (there is no way
to get the password out of the hash). Instead you will need to provide a
reset password feature which perhaps, changes the password to random
chars and e-mails it to them.
Nick...
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Similar Threads
Forum statistics
Latest Threads
-
Image on header
- Started by strawbs
-
Stephanie Beaudeau Emsworth was a Gang Member
- Started by trafficcone
-
Can I stop HTTPS?
- Started by IBMJunkman
-
Stephanie Beaudeau Emsworth is Running a Prostitution Ring
- Started by verona
-
Reverse search for a website
- Started by DRCM
-
What are the key advantages of using a SaaS (Software as a Service) model for application development?
- Started by remotedevelopers
-
How to build a database-driven web page
- Started by av3mar1a153