Re: How to save PASSWORD in SQL Server with bit or binary type dat

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Thank you for info. I did it as you wrote and its working perfectly.

Rgds,
Niyazi

"Uncle Sam" wrote:

Sorry


Remove the Form_Load Sub I included it by mistake

--
Uncle Sam


"Uncle Sam" wrote:

Hi
I dont this its good practice to be able to descrypt a password. I this you
should use md5 ecryption because its only one way which means you cant
decrypt. This is what you have to do. Encrypt the user password and store it
, to validate the user's password when they login, just encrypt id again and
compare the result to the encrypted password in the data base (instead of
decrypting the password)

here a sample

Imports System.Text
Imports System.Security.Cryptography

Public Class Form1

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim hashedDataBytes As Byte()
hashedDataBytes = MD5(TextBox1.Text)
End Sub

Private Function MD5(ByVal password As String) As Byte()
Dim md5Hasher As New MD5CryptoServiceProvider()
Dim encoder As New UTF8Encoding()
Return md5Hasher.ComputeHash(encoder.GetBytes(password))
End Function

Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles MyBase.Load
Me.Enabled = False
Button2.Enabled = True
End Sub

Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button2.Click
Me.Close()
End Sub
End Class




--
Uncle Sam


"Niyazi" wrote:

Hi David,

I am the person who have to say the word "THANK YOU."

You were realy open my eyes, yes I agree with you I also have more to learn
and things in this area will changable everyday new things comes or we
realize how to use it.

I wish I can help others as well. But this is going to my one of big
project. And yestarday I learn that company wants to move the application in
WAN network area and not to be only use inside the company. So I am desiging
eveythings from zero.

Sometimes I find difficulty to work alone but inthe good side I am and will
going to learn alot.

It was small application in 1 pc as SDI project. Untill yesterday I move it
to Remote SQL server as 3 tire MDI application and now I have to move as 3
tire to WAN network.

I need to overcome this so I can start to learn and practise again the SQL
Server Stored Procedures and move it to n-tire MDI application.

I am more than ready to help if you need it. If you post a new question
please make sure use this post to send me your question and the link of the
your new post.

I am realy fed-up using my hotmail account due to spam mails.

I thank you one more.
Here is the my Class Library Project for Encryption and Decryption:

First I created a VB.NET class Library to created a dll. So I can use it in
all other my programs to. You can change it anyway you like it. It is not my
code I get it from the article that I mentioned it.

So I hope the Authors will not mind much.
-----------------------------------------------------------------------------------------------


Just post into class library and compile.


Imports System
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography

Public Class clsTripleDES

Private key() As Byte = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24}
Private iv() As Byte = {65, 110, 68, 26, 69, 178, 200, 219}


'Encrypt the user data as byte before saving into SQL Server 2000
Public Function Encrypt(ByVal plainText As String) As Byte()

'Decalre UTF8Encoding object so we may use the GetByte method to
transform
'the plainText into Byte array
Dim utf8encoder As UTF8Encoding = New UTF8Encoding
Dim inputInBytes() As Byte = utf8encoder.GetBytes(plainText)

'Create a new TripleDES service provider
Dim tdesProvider As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider

'The ICryptTransform interface uses the TripleDes crypt provider along
with
'encryption key and init vector information
Dim cryptoTransform As ICryptoTransform =
tdesProvider.CreateEncryptor(Me.key, Me.iv)

'All cryptographic functions need a stream to output the encrypted
information.
'Here we declare a memory stream for this purpose.
Dim encryptedStream As MemoryStream = New MemoryStream
Dim cryptStream As CryptoStream = New CryptoStream(encryptedStream,
cryptoTransform, CryptoStreamMode.Write)

'Write the encrypted information to the stream. Flush the information
'when done to ensure everything is out of the buffer.
cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
cryptStream.FlushFinalBlock()
encryptedStream.Position = 0

'Read the stream back into a Byte array and return it to the calling
method.
Dim result(encryptedStream.Length - 1) As Byte
encryptedStream.Read(result, 0, encryptedStream.Length)
cryptStream.Close()
Return result

End Function

'Decrypt the data from SQL Server 2000 before using it as string
Public Function Decrypt(ByVal inputInBytes() As Byte) As String
'UFTEncoding is used to transform the decrypted Byte Array information
back into a string
Dim utf8encoder As UTF8Encoding = New UTF8Encoding
Dim tdesProvider As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider

'As before we must provide the encryption/decryption key along with
the init vector
Dim cryptoTransform As ICryptoTransform =
tdesProvider.CreateDecryptor(Me.key, Me.iv)

'Provider a memory stream to decrypt information into
Dim decryptedStream As MemoryStream = New MemoryStream
Dim cryptStream As CryptoStream = New CryptoStream(decryptedStream,
cryptoTransform, CryptoStreamMode.Write)
cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
cryptStream.FlushFinalBlock()
decryptedStream.Position = 0

'Read the memory stream and convert it back into a string
Dim result(decryptedStream.Length - 1) As Byte
decryptedStream.Read(result, 0, decryptedStream.Length)
cryptStream.Close()

Dim myutf As UTF8Encoding = New UTF8Encoding
Return myutf.GetString(result)

End Function

End Class
----------------------------------------------------------------------------------------------

I hope this helps other as well.

Rgds,
GC

.

Quantcast