Re: How can I encrypt the password stored in a database table ?

From: Steve C. Orr [MVP, MCSD] (Steve_at_Orr.net)
Date: 02/11/05

• Next message: somu.t: "Back Button Problem"
• Previous message: Murray Patrick via DotNetMonster.com: "__doPostBack Error -- Javascript"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 10 Feb 2005 23:05:20 -0800

I think you should hash the password. It's true you can't decrypt it, but
neither can anybody else, therefore you will never be liable for letting
people's passwords get stolen.
Here are the details:
http://SteveOrr.net/faq/encrypt.aspx

-- 
I hope this helps,
Steve C. Orr, MCSD, MVP
http://SteveOrr.net
"Alex Nitulescu" <REMOVETHIScuca_macaii2000@yahoo.com> wrote in message 
news:%23BvQacAEFHA.2156@TK2MSFTNGP10.phx.gbl...
> Hi. I am writing an app which stores usernames/passwords and email 
> addresses in a database table.
>
> The question is how can I encrypt the password provided by the user ?
>
> FormsAuthentication.Encrypt produces an encrypted string, but it is for 
> use in a ticket.
>
> On the other hand, FormsAuthentication.HashPasswordForStoringInConfigFile 
> produces an encrypted string for use in a config.xml file.
> Anyway, even if I wanted to use this one, how do I reverse it (decrypt it) 
> in order to be able to send it to the user in case he requests it 
> (Forgotten password) ?
>
> The second question would be how do I get my application's name ?
>
> Thanks a lot, Alex.
> 

• Next message: somu.t: "Back Button Problem"
• Previous message: Murray Patrick via DotNetMonster.com: "__doPostBack Error -- Javascript"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint