how to loginpage.aspx password decrypt in asp.net using

string pwd = dt.Rows[i]["Password"].ToString();

                dt.Rows[i]["Password"] = Decrypt(pwd);

                if (UserName == txtUserName.Text && pwd == txtPassword.Text)

                {

                    Session["UserName"] = UserName;

                    if (dt.Rows[i]["Role"].ToString() == "SuperAdmin")

                        Response.Redirect("Default.aspx");

                }

                else

                {

                    lblmsg.Text = "Invalid User Name or Password! Please try again!";

                }

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator

You can use the below functions:-

protected void login_btn_Click(object sender, EventArgs e)
{
con.ConnectionString = ConfigurationManager.ConnectionStrings["cnn"].ConnectionString;
con.Open();
try
{
// In the below sql query i am decrypting the encrypted password which is store in the database
adp = new SqlDataAdapter(@"select convert(varchar(10), DECRYPTBYPASSPHRASE ('12',password )) AS PWD from login_details where uid=@uid ", con);
adp.SelectCommand.Parameters.AddWithValue("@uid", user_txt.Text);
DataSet ds = new DataSet();
adp.Fill(ds);
// this code find the user from database . if yser does't exist in the database
//then label print the msg "Invalid user" & return
if (ds.Tables[0].Rows.Count == 0)
{
lbl_errormg.Text = "Invalid user";
user_txt.Text = "";
pwd_txt.Text = "";
return;
}
// this is the code to convert byte array to string
string str = (ds.Tables[0].Rows[0]["pwd"]).ToString();
byte[] bytes = UTF8Encoding.ASCII.GetBytes(str);
string str2 = UTF8Encoding.ASCII.GetString(bytes);
// in the str2 i am storing the decrypted passwword
Console.WriteLine(str2);
// here i am campairing the password enter by the user with the database entry
// if both will not matched then label print the msg "Invalid Password" & return

if (str2 != pwd_txt.Text)
{
lbl_msg.Text = "Invalid Password";
pwd_txt.Text = "";
user_txt.Text = "";
return;
}
else
{
// In the below sql query i am decrypting the encrypted password which is store in the str2 variablle
cmd = new SqlCommand(@"select uid , convert(varchar(10), DECRYPTBYPASSPHRASE ('12',password )) AS PWD from login_details where uid=@uid and password=@password", con);
cmd.Parameters.AddWithValue("@uid", user_txt.Text);
cmd.Parameters.AddWithValue("@password", str2);
DataSet ds1 = new DataSet();
adp.Fill(ds1);
// this code find the username & password fron the database id these both are available in the database
//then you can redirect to next page otherwise
// label print the msg "Invalid user" & return
if (ds1.Tables[0].Rows.Count == 0)
{
lbl_msg.Text = "Invalid Userid or Password";
user_txt.Text = "";
pwd_txt.Text = "";
}

else
{
Response.Redirect("next.aspx");
lbl_msg.Text = "";
}
}
}
catch
{
user_txt.Text = "";
pwd_txt.Text = "";
}
user_txt.Text = "";
pwd_txt.Text = "";

}

Happy Coding

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator

str = "Select * from tbl_Login";

            cmd = new SqlCommand(str);

            sqlda = new SqlDataAdapter(cmd.CommandText, con);

            dt = new DataTable();

            sqlda.Fill(dt);

            RowCount = dt.Rows.Count;

            for (int i = 0; i < RowCount; i++)

            {

                UserName = dt.Rows[i]["UserName"].ToString();

                string pwd = dt.Rows[i]["Password"].ToString();

                dt.Rows[i]["Password"] = Decrypt(pwd);

                if (UserName == txtUserName.Text && pwd == txtPassword.Text)

                {

                    Session["UserName"] = UserName;

                    if (dt.Rows[i]["Role"].ToString() == "SuperAdmin")

                        Response.Redirect("Default.aspx");

                }

                else

                {

                    lblmsg.Text = "Invalid User Name or Password! Please try again!";

                }

            }

break point Check ..help any idea page redirect ("Default.aspx"); Not !

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator

Why are you using looping for this?
1)Take input from two text boxes (UserName & Password)....
2) Decrypt Password of the user based on UserName (Mostly UserNames are different for each other)..

SELECT * FROM TableName WHERE UserName = User_Textbox;

3) check for equality of password retrieved from database and user entered password
4) If successful then Response.Redirect("Default.aspx") ; otherwise display "Invalid UserName & Password Message" to user...

-- The following are the encryption & Decryption methods

using System.Text;

private string Encryptdata(string password)

    {

        string strmsg = string.Empty;

        byte[] encode = new byte[password.Length];

        encode = Encoding.UTF8.GetBytes(password);

        strmsg = Convert.ToBase64String(encode);

        return strmsg;

    }

   

    private string Decryptdata(string encryptpwd)

    {

        string decryptpwd = string.Empty;

        UTF8Encoding encodepwd = new UTF8Encoding();

        Decoder Decode = encodepwd.GetDecoder();

        byte[] todecode_byte = Convert.FromBase64String(encryptpwd);

        int charCount = Decode.GetCharCount(todecode_byte, 0, todecode_byte.Length);

        char[] decoded_char = new char[charCount];

        Decode.GetChars(todecode_byte, 0, todecode_byte.Length, decoded_char, 0);

        decryptpwd = new String(decoded_char);

        return decryptpwd;

    }







string strpassword = Encryptdata(TextBox1.Text); //Enc



string strpassword = Decryptdata(TextBox1.Text); //Dec

Mark This Response as Answer
--
Chandu
http://www.dotnetfunda.com/images/dnfmvp.gif

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator

May be this is what you are looking for?

          str = "Select * from tbl_Login WHERE username='"+TextBoxValue.Text + "'";

            cmd = new SqlCommand(str);

            sqlda = new SqlDataAdapter(cmd.CommandText, con);

            dt = new DataTable();

            sqlda.Fill(dt);

            RowCount = dt.Rows.Count;



                UserName = dt.Rows["UserName"].ToString();

                string pwd = dt.Rows["Password"].ToString();

                dt.Rows["Password"] = Decrypt(pwd);

                if (UserName == txtUserName.Text && pwd == txtPassword.Text)

                {

                    Session["UserName"] = UserName;

                    if (dt.Rows["Role"].ToString() == "SuperAdmin")

                        Response.Redirect("Default.aspx");

                }

                else

                {

                    lblmsg.Text = "Invalid User Name or Password! Please try again!";

                }

Mark This Response as Answer
--
Chandu
http://www.dotnetfunda.com/images/dnfmvp.gif

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator

Login.aspx.cs

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Xml.Linq;

using System.Globalization;

using System.Text;

using System.IO;

using System.Data.SqlClient;



namespace Register_login_Encrypt_Decrypt_Asp

{

    public partial class Login : System.Web.UI.Page

    {

        string connStr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        SqlCommand com;

        SqlDataAdapter sqlda;

        DataSet ds,ds1;

        string str,str2;

        

        protected void btn_login_Click(object sender, EventArgs e)

        {

            SqlConnection con = new SqlConnection(connStr);

            con.Open();

            try

        {



        sqlda = new SqlDataAdapter(@"select convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name ", con);

        Session["name"] = txt_name.Text;

        sqlda.SelectCommand.Parameters.AddWithValue("@name", Session["name"]);

        ds = new DataSet();

        sqlda.Fill(ds);



        if (ds.Tables[0].Rows.Count == 0)

        {

        lbl_msg.Text = "Invalid name";

        txt_name.Text = "";

        txt_password.Text = "";

        return;

        }



        str = (ds.Tables[0].Rows[0]["PWD"]).ToString();

        byte[] bytes = UTF8Encoding.ASCII.GetBytes(str);

        str2 = UTF8Encoding.ASCII.GetString(bytes);



        if (str2 != txt_password.Text)

        {

        lbl_msg.Text = "Invalid Password";

        txt_password.Text = "";

        txt_name.Text = "";

        return;

        }

        else

        {

        com = new SqlCommand(@"select name , convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name and password=@password", con);

        com.Parameters.AddWithValue("@name", Session["name"]);

        com.Parameters.AddWithValue("@password", str2);

        ds1 = new DataSet();

        sqlda.Fill(ds1);



        if (ds1.Tables[0].Rows.Count == 0)

        {

        lbl_msg.Text = "Invalid name or Password";

        txt_name.Text = "";

        txt_password.Text = "";

        }

        else

        {

        Response.Redirect("Welcome.aspx");

        }

        }

        }

        catch (Exception err)

        {

        lbl_msg.Text = "Error: " + err.ToString();  

        }

        }

    }

}

If this post helps you mark it as answer
Thanks

Webmasters964, if this helps please login to Mark As Answer. | Alert Moderator