Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
hirani_prashant
Yak Posting Veteran
93 Posts |
 Posted - 2008-04-16 : 04:38:55
|
| Hello,I do have one application in VC++ as a Front End & Sql Server 2005 as a Back End. i want to store my username's password in encrypted format, means no one can able to see the password. Ex:- if i enter password as a "xyz" then it should be save as a some encrypted [base 64 encoding scheme] format. Can any one help me out?Thanks Prashant Hirani |
|
|
SwePeso
Patron Saint of Lost Yaks
30421 Posts |
Posted - 2008-04-16 : 06:16:52
|
Never ever encrypt passwords in a table. Beacuse someone might be able to decrypt the password.You could make a HASH value and search that value. This value is not "decryptable".
E 12°55'05.25"N 56°04'39.16" |
 |
|
|
Lumbago
Norsk Yak Master
3271 Posts |
Posted - 2008-04-16 : 06:25:30
|
| MD5 is a one-way hashing algorithm that should be pretty safe to use. It will create a 36-character (hm, or was it 32?) "checksum" value of any length string you put in to it. Works great.-> http://www.codeproject.com/KB/database/xp_md5.aspx--Lumbago |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2008-04-16 : 06:37:44
|
| also check some third party tools e.g.http://www.xpcrypt.com/http://www.quest.com/toad/I always wonder about encryptions, if most web portals encrypt passwords. 'cause when you request them. They give you back.Its only a few that get you to create a totally new password.What do you think ? |
|
|
|
SwePeso
Patron Saint of Lost Yaks
30421 Posts |
Posted - 2008-04-16 : 06:40:26
|
Maybe the clear-text passwords are not stored in same database as the one accessible from the web?
E 12°55'05.25"N 56°04'39.16" |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2008-04-16 : 08:17:06
|
| Meaning Not all passwords are encrypted ??? |
|
|
|
|
|
|
how to encrypt password?