Hello there,
Not sure if I'm in the right newsgroup but here it is anyway...
I store web passwords by encrypting them using a simple MD5 .dll I wrote a
little while ago using C#. User passwords are stored as binary data in the
database. When a user enters his/her password the newly entered password is
encrypted and the new binary arrays are compared to those in the database.
Long story short, no one besides the user can know the password.
Recently I needed to recompile the .dll. After recompiling none of the
passwords work. The new binary arrays are different than the ones in the
database. My old .dll still works but the newly compiled one does not.
Why would recompiling the dll change the way the same passwords are
encrypted?
Also, I've compared the files using a file compare and they are identical.
I need to recompile the file and I have a number of users who can't get
locked out of the site. Any help would be appreciated.
Thanks,
Chris
My encryption function:
public byte[] encryptPassword (string passwordString, string salt)
{
byte[] encryptedPass;
string password;
System.Security .Cryptography.M D5CryptoService Provider md5Hasher;
System.Text.UTF 8Encoding encoder;
// Generate a secure password string to encript
password = passwordString. Trim() + salt;
encoder = new System.Text.UTF 8Encoding();
md5Hasher = new System.Security .Cryptography.M D5CryptoService Provider();
encryptedPass =
md5Hasher.Compu teHash(encoder. GetBytes(passwo rdString.Trim() ));
return encryptedPass;
}
Not sure if I'm in the right newsgroup but here it is anyway...
I store web passwords by encrypting them using a simple MD5 .dll I wrote a
little while ago using C#. User passwords are stored as binary data in the
database. When a user enters his/her password the newly entered password is
encrypted and the new binary arrays are compared to those in the database.
Long story short, no one besides the user can know the password.
Recently I needed to recompile the .dll. After recompiling none of the
passwords work. The new binary arrays are different than the ones in the
database. My old .dll still works but the newly compiled one does not.
Why would recompiling the dll change the way the same passwords are
encrypted?
Also, I've compared the files using a file compare and they are identical.
I need to recompile the file and I have a number of users who can't get
locked out of the site. Any help would be appreciated.
Thanks,
Chris
My encryption function:
public byte[] encryptPassword (string passwordString, string salt)
{
byte[] encryptedPass;
string password;
System.Security .Cryptography.M D5CryptoService Provider md5Hasher;
System.Text.UTF 8Encoding encoder;
// Generate a secure password string to encript
password = passwordString. Trim() + salt;
encoder = new System.Text.UTF 8Encoding();
md5Hasher = new System.Security .Cryptography.M D5CryptoService Provider();
encryptedPass =
md5Hasher.Compu teHash(encoder. GetBytes(passwo rdString.Trim() ));
return encryptedPass;
}
Comment