Password encyption

**kenobewan** · Jan 26 '08, 12:23 PM

Depends on the method of encryption:
Encrypting Sensitive Data in a Database

**gyap88** · Jan 26 '08, 12:30 PM

Originally posted by kenobewan

Depends on the method of encryption:
Encrypting Sensitive Data in a Database

Sorry the link is invalid..

**kenobewan** · Jan 27 '08, 01:53 PM

Originally posted by gyap88

Sorry the link is invalid..

My bad - http://aspnet.4guysfromrolla.com/articles/081705-1.aspx

**wimpos** · Jan 28 '08, 08:30 AM

For storing passwords you should use an algorithm that has one way encryption, so it can be decrypted. md5 or hash , ...

User registers:
- choose password: mypass
- Hashed: o5d4g44f
- stored in database

User logs in
- user types password: mypass
- password hashed: o5d4g44f
- check if hash in database is the same

**kevin111** · Jan 28 '08, 09:54 AM

MD5 is good, when the message is encrypted, the length of the encrypted message will be a constant, 16 or 32
decryption is not needed, when a user submit a password, encrypt it, then compare with the encrypted password saved in database

[CODE=cpp] public static string GetMD5(string source)
{
string result = "";

MD5 md5 = MD5.Create();
byte[] buffer = md5.ComputeHash (System.Text.En coding.Unicode. GetBytes(source ));
for (int i = 0; i < buffer.Length; i++)
{
result += buffer[i].ToString("X2") ;
}

return result;
}[/CODE]

don't forget "using System.Security .Cryptography"

Password encyption

Password encyption

Comment

Comment

Comment

Comment

Comment