md5 wih salt
-
hai all, i have implemented md5 in my login page for security purpose. Is this md5 is clienside/serverside? because in html anybody can see the salt value. function am using function md5auth(password) { var seed; seed=null; seed="&<%=Session("salt")%>;"; password.value= MD5(seed+MD5(password.value)); return true; } and on button click event am implemnting the following code txt3.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(str_pwd.ToString().Trim(), "md5") txt2.Text = FormsAuthentication.HashPasswordForStoringInConfigFile((Session("salt") + txt3.Text.Trim.ToLower()), "md5") if txt_pwd.text=txt2.text then response.redirect("Default.aspx") end if i dont understand whether it is both client and server side or only client side.??
kissy
-
hai all, i have implemented md5 in my login page for security purpose. Is this md5 is clienside/serverside? because in html anybody can see the salt value. function am using function md5auth(password) { var seed; seed=null; seed="&<%=Session("salt")%>;"; password.value= MD5(seed+MD5(password.value)); return true; } and on button click event am implemnting the following code txt3.Text = FormsAuthentication.HashPasswordForStoringInConfigFile(str_pwd.ToString().Trim(), "md5") txt2.Text = FormsAuthentication.HashPasswordForStoringInConfigFile((Session("salt") + txt3.Text.Trim.ToLower()), "md5") if txt_pwd.text=txt2.text then response.redirect("Default.aspx") end if i dont understand whether it is both client and server side or only client side.??
kissy
It is getting the session("salt") from server to client. Say salt = 50 in server, so in client side you see seed = 50 rather than seed = <%session("salt")%>
Abhishek Sur My Latest Articles Basics on LINQ and Lambda Expressions
Create .NET Templates -
It is getting the session("salt") from server to client. Say salt = 50 in server, so in client side you see seed = 50 rather than seed = <%session("salt")%>
Abhishek Sur My Latest Articles Basics on LINQ and Lambda Expressions
Create .NET Templates -
ya ur correct,in this way is this a serverside encryption or client side encryption.?
kissy
Its a client side encryption as MD5 function is just a javascript function where the salt comes from the server. :rose:
Abhishek Sur My Latest Articles Basics on LINQ and Lambda Expressions
Create .NET Templates