A
A
Anton2014-07-27 15:23:52
Database
Anton, 2014-07-27 15:23:52

How to encrypt user data (login-password) in the database?

I am developing a project on ASP.NET MVC 5 (development from scratch, without using CMS).
Registration and authorization of the user is implemented by the usual queries to the MSSQL database, through the ORM Entity Framework. The thought came that it is impossible
to store values ​​in the table in an explicit form , but you need to encrypt them somehow or something . (i.e. so that the table field in the database does not look like "Admin" "12345"). Tell me which way to look. How to do it right? And how is this done in large-scale CMS? Thank you!

Answer the question

In order to leave comments, you need to log in

2 answer(s)
G
Grag, 2014-07-27
@Grag

Well, drive the password into md5 (this is php), then drive it and compare it by itself. Encrypt the password and at the same time make a prefix before the cipher: 1234 - this is the prefix suggested, qwertyuiop is the password. We sculpt the prefix and password together and encrypt. When entering this, we add 1234 to the value from the input before encryption

A
asdz, 2014-09-23
@asdz

Can you use ASP Net Identity or Membership? You can also look at the Simple Membersip Provider sources for how passwords are encrypted aspnetwebstack.codeplex.com/SourceControl/changese...
it uses the Crypto API which you can successfully use instead of self-coding. Crypto.HashPassword msdn.microsoft.com/ru-ru/library/system.web.helper... the password will be salted automatically.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question