How to Decrypt the Password From SqlServer2005
-
Hi, This is from Chandrakanth. I am doing Encrypt and Decrypt ther Password. Regarding Encryption I am saving Password in different format. I want to decrypt the Password from DataBase. How can i go for that. Is there any source code means please send me that. Thanks And Regards Chandrakanth
Chandrakanth
-
Hi, This is from Chandrakanth. I am doing Encrypt and Decrypt ther Password. Regarding Encryption I am saving Password in different format. I want to decrypt the Password from DataBase. How can i go for that. Is there any source code means please send me that. Thanks And Regards Chandrakanth
Chandrakanth
You may google about how to encrypt and decrypt in C#. C# encryption and decryption but I have a few suggestions for you. 1. There should NOT be any decryption for password. [ Encrypted == Encrypted ] In our projects, we never use the encryption method that can be decrypted. This is for security reason.. If we wanna verify whether a particular password is correct or not, we match the encrypted password from database and the encrypted password that is encrypted from the plain text which is typed by user... 2. Password should not be stored what the user entered. For example, the user set the password "abc123". then, we append some checksum or something to the password. (e.g. "abc123" + "USR1092" ) then, we encrypt this text and save it in the database. 3. The password should not be sent to the user in plain text format if the user lost the password. In case the user lost the password and he/she wanna recovery then you should give the user a way to reset the password.. (You should not mail the decrypted password back to the user)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net) "Please vote to let me (and others) know if this answer helped you or not. A 5 vote tells people that your question has been answered successfully and that I've pitched it at just the right level. Thanks."
-
Hi, This is from Chandrakanth. I am doing Encrypt and Decrypt ther Password. Regarding Encryption I am saving Password in different format. I want to decrypt the Password from DataBase. How can i go for that. Is there any source code means please send me that. Thanks And Regards Chandrakanth
Chandrakanth
Hi ..Frd....once try this code...this is decryption..:rose: private string Decrypt(string strText, string sDecrKey) { byte[] byKey; byte[] IV = {18, 52, 86, 120, 144, 171, 205, 239}; byte[] inputByteArray; // inputByteArray.Length = strText.Length; try { byKey = System.Text.Encoding.UTF8.GetBytes(sDecrKey.Substring(0, 8)); DESCryptoServiceProvider des = new DESCryptoServiceProvider(); inputByteArray = Convert.FromBase64String(strText); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(byKey, IV), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); System.Text.Encoding encoding = System.Text.Encoding.UTF8; return encoding.GetString(ms.ToArray()); } catch (Exception ex) { return ex.Message; } }
Naik M
-
You may google about how to encrypt and decrypt in C#. C# encryption and decryption but I have a few suggestions for you. 1. There should NOT be any decryption for password. [ Encrypted == Encrypted ] In our projects, we never use the encryption method that can be decrypted. This is for security reason.. If we wanna verify whether a particular password is correct or not, we match the encrypted password from database and the encrypted password that is encrypted from the plain text which is typed by user... 2. Password should not be stored what the user entered. For example, the user set the password "abc123". then, we append some checksum or something to the password. (e.g. "abc123" + "USR1092" ) then, we encrypt this text and save it in the database. 3. The password should not be sent to the user in plain text format if the user lost the password. In case the user lost the password and he/she wanna recovery then you should give the user a way to reset the password.. (You should not mail the decrypted password back to the user)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net) "Please vote to let me (and others) know if this answer helped you or not. A 5 vote tells people that your question has been answered successfully and that I've pitched it at just the right level. Thanks."
Michael Sync wrote:
There should NOT be any decryption for password.
Yes it's a secure method. Hashing right ? But it always annoys the developers to test the functionality. It annoys user too once they forgot the password. But security point of view, it's the best.
All C# applications should call Application.Quit(); in the beginning to avoid any .NET problems.- Unclyclopedia My Website | Ask smart questions
-
Michael Sync wrote:
There should NOT be any decryption for password.
Yes it's a secure method. Hashing right ? But it always annoys the developers to test the functionality. It annoys user too once they forgot the password. But security point of view, it's the best.
All C# applications should call Application.Quit(); in the beginning to avoid any .NET problems.- Unclyclopedia My Website | Ask smart questions
N a v a n e e t h wrote:
Yes it's a secure method. Hashing right ?
Yeah.
N a v a n e e t h wrote:
But it always annoys the developers to test the functionality
haha.. :-) ya..
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net) "Please vote to let me (and others) know if this answer helped you or not. A 5 vote tells people that your question has been answered successfully and that I've pitched it at just the right level. Thanks."
-
You may google about how to encrypt and decrypt in C#. C# encryption and decryption but I have a few suggestions for you. 1. There should NOT be any decryption for password. [ Encrypted == Encrypted ] In our projects, we never use the encryption method that can be decrypted. This is for security reason.. If we wanna verify whether a particular password is correct or not, we match the encrypted password from database and the encrypted password that is encrypted from the plain text which is typed by user... 2. Password should not be stored what the user entered. For example, the user set the password "abc123". then, we append some checksum or something to the password. (e.g. "abc123" + "USR1092" ) then, we encrypt this text and save it in the database. 3. The password should not be sent to the user in plain text format if the user lost the password. In case the user lost the password and he/she wanna recovery then you should give the user a way to reset the password.. (You should not mail the decrypted password back to the user)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net) "Please vote to let me (and others) know if this answer helped you or not. A 5 vote tells people that your question has been answered successfully and that I've pitched it at just the right level. Thanks."
Michael Sync wrote:
2. Password should not be stored what the user entered. For example, the user set the password "abc123". then, we append some checksum or something to the password. (e.g. "abc123" + "USR1092" ) then, we encrypt this text and save it in the database.
I mean, password with salt :)
Thanks and Regards, Michael Sync ( Blog: http://michaelsync.net) "Please vote to let me (and others) know if this answer helped you or not. A 5 vote tells people that your question has been answered successfully and that I've pitched it at just the right level. Thanks."