You shouldn't encrypt or decrypt it at all. What you should do is create
a hash of the password value and then store it in the database. The next
time the user tries to logon you should hash the password they entered
and compare it to the stored hash, if they are the same then the user
entered the proper password. This helps prevent anyone with access to
your database (for legitimate or other wise) purposes from figuring out
people's passwords (as the hash can not be reversed). You may also
consider salting the password when hashing it.
Here's one site with some info:
http://www.ondotnet.com/pub/a/dotnet...chap01/?page=2
others can be located using a search on google for:
dotnet password hash salt
Hope this helps.
Have A Better One!
John M Deal, MCP
Necessity Software
VB Programmer wrote:
I am using SQL Server as the database for my ASP.NET app.
I have a users table with a password field. What is the best way to encrypt
it before it goes into the table, then decrypt it to read the value? Any
sample code or links would be helpful.
Thanks!