Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
User passwords not encrypted
Message
De
07/08/2007 12:32:23
Greg Lee
Gcl Software
Newport Beach, Californie, États-Unis
 
 
À
06/08/2007 15:21:41
Tony Scarpelli
Maine Medical Center
Portland, Maine, États-Unis
Information générale
Forum:
ASP.NET
Catégorie:
The Mere Mortals .NET Framework
Titre:
Re: User passwords not encrypted
Versions des environnements
Environment:
VB 8.0
OS:
Windows XP SP2
Divers
Thread ID:
01246054
Message ID:
01246527
Vues:
28
I agree about the need for encrypting the passwords. It's easy to add this to MM. We added a PasswordSalt field to the Users table and lengthened the Password field length. The user's password is appended to PasswordSalt and then hashed using the .NET SHA1 functionality. Prior to calling Login or authenticating the user, just append the password that the userr entered to PasswordSalt and hash it. Then compare the hashed passwords.
Greg Lee
GCL Software
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform