Hi. I am writing an app which stores usernames/passwords and email addresses
in a database table.
The question is how can I encrypt the password provided by the user ?
FormsAuthentication.Encrypt produces an encrypted string, but it is for use
in a ticket.
On the other hand, FormsAuthentication.HashPasswordForStoringInConfig File
produces an encrypted string for use in a config.xml file.
Anyway, even if I wanted to use this one, how do I reverse it (decrypt it)
in order to be able to send it to the user in case he requests it (Forgotten
password) ?
The second question would be how do I get my application's name ?
Thanks a lot, Alex.
3  2411 
I think you should hash the password. It's true you can't decrypt it, but
neither can anybody else, therefore you will never be liable for letting
people's passwords get stolen.
Here are the details: http://SteveOrr.net/faq/encrypt.aspx
--
I hope this helps,
Steve C. Orr, MCSD, MVP http://SteveOrr.net
"Alex Nitulescu" <RE***********************@yahoo.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Hi. I am writing an app which stores usernames/passwords and email
addresses in a database table.
The question is how can I encrypt the password provided by the user ?
FormsAuthentication.Encrypt produces an encrypted string, but it is for
use in a ticket.
On the other hand, FormsAuthentication.HashPasswordForStoringInConfig File
produces an encrypted string for use in a config.xml file.
Anyway, even if I wanted to use this one, how do I reverse it (decrypt it)
in order to be able to send it to the user in case he requests it
(Forgotten password) ?
The second question would be how do I get my application's name ?
Thanks a lot, Alex.
Yes, Steve, but in this case how could I provide that "fogotten password"
feature - I plan to be able to send an email to the user, containing the
username & password, as most sites do !
Should I roll up my own encryption/decryption system, then ?
"Steve C. Orr [MVP, MCSD]" <St***@Orr.net> wrote in message
news:ek**************@TK2MSFTNGP12.phx.gbl... I think you should hash the password. It's true you can't decrypt it, but
neither can anybody else, therefore you will never be liable for letting
people's passwords get stolen.
Here are the details:
http://SteveOrr.net/faq/encrypt.aspx
--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://SteveOrr.net
"Alex Nitulescu" <RE***********************@yahoo.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Hi. I am writing an app which stores usernames/passwords and email
addresses in a database table.
The question is how can I encrypt the password provided by the user ?
FormsAuthentication.Encrypt produces an encrypted string, but it is for
use in a ticket.
On the other hand, FormsAuthentication.HashPasswordForStoringInConfig File
produces an encrypted string for use in a config.xml file.
Anyway, even if I wanted to use this one, how do I reverse it (decrypt
it) in order to be able to send it to the user in case he requests it
(Forgotten password) ?
The second question would be how do I get my application's name ?
Thanks a lot, Alex.
Okay, sorry, Steve, I rushed to answer you BEFORE noticing and therefore
reading your link. I'll follow the links on the page provided.
Thanks a lot for your time,
Alex.
"Steve C. Orr [MVP, MCSD]" <St***@Orr.net> wrote in message
news:ek**************@TK2MSFTNGP12.phx.gbl... I think you should hash the password. It's true you can't decrypt it, but
neither can anybody else, therefore you will never be liable for letting
people's passwords get stolen.
Here are the details:
http://SteveOrr.net/faq/encrypt.aspx
--
I hope this helps,
Steve C. Orr, MCSD, MVP
http://SteveOrr.net
"Alex Nitulescu" <RE***********************@yahoo.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... Hi. I am writing an app which stores usernames/passwords and email
addresses in a database table.
The question is how can I encrypt the password provided by the user ?
FormsAuthentication.Encrypt produces an encrypted string, but it is for
use in a ticket.
On the other hand, FormsAuthentication.HashPasswordForStoringInConfig File
produces an encrypted string for use in a config.xml file.
Anyway, even if I wanted to use this one, how do I reverse it (decrypt
it) in order to be able to send it to the user in case he requests it
(Forgotten password) ?
The second question would be how do I get my application's name ?
Thanks a lot, Alex.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: wqhdebian |
last post by:
As far as I know,when encrypt or decrypt ,a key must first be got,and
the key is first generate by a tool or from SecurityRandom,that means
I can not generate the same key with the same input.Does...
|
by: Neil Ginsberg |
last post by:
I have ODBC linked tables to a SQL 7 database in an A2K database. The linked
tables do not have the password stored in them, so the first time the user
accesses them, they need to enter the SQL...
|
by: Henry |
last post by:
Hi, my asp.net application is accessing a mssql on another server.
This works fine when I use this in my web.config file:
<add key="dbkey"...
|
by: Luis Esteban Valencia |
last post by:
Hello I want to encrypt the sqlconenction string on the xml
configuration files.
The problem is the following
I have an application at my company that accesses a sql server local
database. ...
|
by: Miles Keaton |
last post by:
still doing my switch from MySQL to PgSQL, and can't figure out what
the comparable function would be for this:
In MySQL, to store a big secret (like a credit card number) in the
database that I...
|
by: Declan Barry |
last post by:
Hi all..
Does anyone have a php script that would allow me to encrypt the
contents of a txt file?
I have an excel file which has a list of usernames and generated
passwords. What I would...
|
by: googlegroups |
last post by:
Hi, I'm making a javascript program for rolling dice for a roleplaying
game that's played in a forum. The die roll gets generated, gets stored
as text in a hidden form field, and then gets written...
|
by: Aneesh P |
last post by:
Hi All,
I need to encrypt some fields esp password key values in configuration
file while installting the application using .Net installer project
and decrypt those values from my...
|
by: Gilles Ganault |
last post by:
Hello
I'd like to encrypt a customer's organization name to use this as
their password to launch our application, and decrypt it within our
VB5 application.
We will then use this information...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 2 August 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM)
The start time is equivalent to 19:00 (7PM) in Central...
|
by: erikbower65 |
last post by:
Using CodiumAI's pr-agent is simple and powerful. Follow these steps:
1. Install CodiumAI CLI: Ensure Node.js is installed, then run 'npm install -g codiumai' in the terminal.
2. Connect to...
|
by: linyimin |
last post by:
Spring Startup Analyzer generates an interactive Spring application startup report that lets you understand what contributes to the application startup time and helps to optimize it. Support for...
|
by: erikbower65 |
last post by:
Here's a concise step-by-step guide for manually installing IntelliJ IDEA:
1. Download: Visit the official JetBrains website and download the IntelliJ IDEA Community or Ultimate edition based on...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Sept 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM)
The start time is equivalent to 19:00 (7PM) in Central...
|
by: Taofi |
last post by:
I try to insert a new record but the error message says the number of query names and destination fields are not the same
This are my field names
ID, Budgeted, Actual, Status and Differences
...
|
by: DJRhino1175 |
last post by:
When I run this code I get an error, its Run-time error# 424 Object required...This is my first attempt at doing something like this. I test the entire code and it worked until I added this -
If...
|
by: Rina0 |
last post by:
I am looking for a Python code to find the longest common subsequence of two strings. I found this blog post that describes the length of longest common subsequence problem and provides a solution in...
|
by: Mushico |
last post by:
How to calculate date of retirement from date of birth
| |
