Encrypting a password in C #?

Question

Encrypting a password in C #?

How can I encrypt and decrypt passwords in C #? Thanks for any help.

+2

c # .net passwords encryption

Mercy joseph 03 oct. At 12:54 pm

source to share

2 answers

Bob kaufman · Answer 1 · 2009-10-03T12:56:45+0000

First, you are not really going to store the encrypted password anywhere, instead of doing a one-way hash (like SHA ), store that hash. Then when you challenge the user for their password, you perform the same hash. If the new hash matches the stored hash, you get a match.

The difference between hash and encryption is that with encryption you can recover the original text, where with a hash you cannot.

Reading on SHA (secure hashing algorithm) and other hashing algorithms. This should get you off to a good start.

Better yet, learn about the .NET built-in membership API . It's almost trivial to implement, and it manages all of this annoyance in terms of user passwords, logins, logouts and much more for you.

csharptest.net · Answer 2 · 2009-10-03T13:38:08+0000

UPDATED

Have a look at this answer: C # Password Encryption

- or -

Read this post: http://csharptest.net/470/another-example-of-how-to-store-a-salted-password-hash/

There is a lot of good and bad information on the internet about password storage. You need to know two things:

You must use a salted hash to prevent dictionary attacks
You are using the minimal SHA256 hash provider

A quick search gave me this example code: http://www.obviex.com/samples/hash.aspx

and I'll go with this SaltedHash utility class (looks pretty complete at first glance):

http://www.dijksterhuis.org/creating-salted-hash-values-in-c/

Encrypting a password in C #?

More articles: