Download 100% FREE Office Document APIs for .NET
DotNetFunda.com
Online: 2703
Home > Forums > ASP.NET >

How to store passwrod in Encrypted format

Posted by Self-Innovator under ASP.NET on 3/30/2012 | Points: 10 | Views : 16098 | Status : [Member] | Replies : 10
Write New Post | Search Forums | AnsweredResolved Posts | Un Answered Posts | Forums Home 
From front end when iam registering the user details how to store the Password in encrypted format..

Join Hands Change lives
Thanks & Regards
Straight Edge Society

Reply | Reply with Attachment
Alert Moderator 

Responses

Posted by: Sheonarayan on: 3/30/2012 [Administrator] HonoraryPlatinum | Points: 25

Up
0
Down
It works something like below

1. Encrypt password using any encryption mechanism
2. Store into database
3. While checking for login, encrypt the user entered password with the same encryption mechanism (as 1st point) and check for the record in the database.

You may read below articles too

http://www.dotnetfunda.com/articles/article888-encrypt-and-decrypt-a-password-using-encryptbypassphrase-and-decryptbypassp.aspx
http://www.dotnetfunda.com/articles/article367-encrypting-password-and-store-in-a-database-using-sqlserver.aspx

Hope this helps

Thanks

Regards,
Sheo Narayan
http://www.dotnetfunda.com

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Hmanjarawala on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Hi,
If you want to store password in encrypted format, the use Convert.ToBase64String(<your-password>) and store resultant string into database.


Mark this as answer, if it helps you............

Himanshu Manjarawala
Sr. Software Engineer@AutomationAnywhere
http://fieredotnet.wordpress.com/

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Self-Innovator on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Sir i've stored the password in Encrypted format...
now when i am logging how do i retrieve the encrypted passwrd...


Join Hands Change lives
Thanks & Regards
Straight Edge Society

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Hmanjarawala on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Hi,

you don't required to decrypt your stored password.
do one thing whatever password you enter encrypt it and check that encrypted version with stored one.

if match then ok....


Mark this as answer, if it helps you............

Himanshu Manjarawala
Sr. Software Engineer@AutomationAnywhere
http://fieredotnet.wordpress.com/

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Self-Innovator on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Hi Hmanjarawala....
this is My Insert Sp 
ALTER PROC [dbo].[spAddUserDetails]

@Uid CHAR(4),

@Pwd VARCHAR(40),

@Name VARCHAR(70),

@DesigCode CHAR(3),

@Email VARCHAR(50),

@TelNo VARCHAR(25)=NULL,

@HandPhNo VARCHAR(25)=NULL,

@active bit

AS

BEGIN	

DECLARE @chkDesigCode CHAR(3)	

		INSERT INTO tblUserMst VALUES(@Uid,EncryptByPassPhrase('12',@Pwd),@Name,@DesigCode,@Email,@TelNo,@HandPhNo,@active)	

	

END

For the Same i need a get Sp while user Logging in it should chek...i've tried but its not wrking...
chek this.,.. 
CREATE PROC spGetUsers

@UName CHAR(4),

@Pwd VARBINARY(100)

AS

BEGIN

	Select * from tblUserMst where UserID=@UName and Password=@Pwd

END


Join Hands Change lives
Thanks & Regards
Straight Edge Society

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Hmanjarawala on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Ok,
try this 

CREATE PROC spGetUsers



@UName CHAR(4),



@Pwd VARBINARY(100)



AS



BEGIN



	Select * from tblUserMst where UserID=@UName and Password=EncryptByPassPhrase('12',@Pwd)



END



Mark this as answer, if it helps you............


Himanshu Manjarawala
Sr. Software Engineer@AutomationAnywhere
http://fieredotnet.wordpress.com/

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Self-Innovator on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Eception
Exception occursscript language='javascript'>alert('Implicit conversion from data type nvarchar to varbinary is not allowed. Use the CONVERT function to run this query.');..


Join Hands Change lives
Thanks & Regards
Straight Edge Society

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Hmanjarawala on: 3/31/2012 [Member] Bronze | Points: 25

Up
0
Down
Ok, pass you password as a string...here

Himanshu Manjarawala
Sr. Software Engineer@AutomationAnywhere
http://fieredotnet.wordpress.com/

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Sksamantaray on: 3/31/2012 [Member] Silver | Points: 25

Up
0
Down
Hi,Self-Inovator,
You can use MD5 technology for password encryption, simple yet secured.
For a sample code:
http://www.aspnettutorials.com/tutorials/advanced/md5-secret-aspnet2-csharp.aspx

Thanks,
Sanjay

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator
Posted by: Aduni on: 6/29/2012 [Member] Starter | Points: 25

Up
0
Down
hai.. i want to ask about the correct way to update the password in asp.net c#
UpdateCmd.CommandText = @"UPDATE staffHR SET password = EncryptByPassPhrase(@password, convert(varbinary,password)) WHERE username = @username";
UpdateCmd.Connection = con;
string pwd = TextBox1.Text;
System.Text.ASCIIEncoding encryptpwd = new System.Text.ASCIIEncoding();
byte[] bpwdArray = encryptpwd.GetBytes(pwd);
UpdateCmd.Parameters.AddWithValue("@username", Label1.Text);
UpdateCmd.Parameters.AddWithValue("@password", bpwdArray);
UpdateCmd.ExecuteNonQuery();
UpdateCmd.Dispose();
con.Close();

this code not update the column, but not have any error.. anyone help me plizz

Self-Innovator, if this helps please login to Mark As Answer. | Alert Moderator

Login to post response

Latest Posts