6
Answers

encrypted and decrypted Password

Soheb Ahmad

Soheb Ahmad
May 08
468
1

how to use encrypted and decrypted Password for storing in databse and after that use it for login using Asp.net MVC.

Answers (6)
2
Amit Mohanty

Amit Mohanty

16 52.2k 6.1m May 09

Check the below links:
https://www.aspsnippets.com/Articles/3639/ASPNet-Core-MVC-Encrypt-and-Decrypt-Username-or-Password-stored-in-database/
https://www.code2night.com/Blog/MyBlog/How-to-Encrypt-and-Decrypt-Password-in-Asp.Net-

1
Jaimin Shethiya

Jaimin Shethiya

48 30.6k 599.6k May 09

Hello Soheb,

Here is the article links,

https://stackoverflow.com/questions/785016/best-practices-for-encrypting-and-decrypting-passwords-c-net
https://www.c-sharpcorner.com/article/encryption-and-decryption-using-a-symmetric-key-in-c-sharp/

 

Thanks

1
Naimish Makwana

Naimish Makwana

134 13.8k 201.2k May 09

To use encryption and decryption for storing passwords in a database and then using it for login in an ASP.NET MVC application.

Here’s a simple step-by-step guide:

  1. Install the necessary package: Install the System.Security.Cryptography namespace which provides cryptographic services, including secure encoding and decoding of data.

  2. Encrypt the Password: When a user is registering or changing their password, you should hash the password. Here’s a simple way to do that:

using System.Security.Cryptography;
using System.Text;

public string EncryptPassword(string password)
{
    SHA256 sha256 = SHA256.Create();
    byte[] bytes = Encoding.UTF8.GetBytes(password);
    byte[] hash = sha256.ComputeHash(bytes);
    return GetStringFromHash(hash);
}

private string GetStringFromHash(byte[] hash)
{
    StringBuilder result = new StringBuilder();
    for (int i = 0; i < hash.Length; i++)
    {
        result.Append(hash[i].ToString("X2"));
    }
    return result.ToString();
}

 

  1. Store the Encrypted Password: Store this hashed password in your database. Never store the plain-text password.

  2. Verify the Password: When a user logs in, hash the password they enter in the same way as before, and compare it to the hashed password in your database.

 

public bool VerifyPassword(string enteredPassword, string storedHash)
{
    string hashedPassword = EncryptPassword(enteredPassword);
    return hashedPassword == storedHash;
}

Thanks

1
Jaimin Shethiya

Jaimin Shethiya

48 30.6k 599.6k May 09

Hello Soheb,

When you store data on the database side, you need to encrypt the password, update that value in the password field or properties, and save the data in the database.

When the user uses the password at that time, you need to bring that password from the database, decrypt that password, and compare both values; if they match, then provide grant access; otherwise, you won't.

Here are some links for how to encrypt and decrypt things on the C# side.

https://stackoverflow.com/questions/785016/best-practices-for-encrypting-and-decrypting-passwords-c-net
https://www.c-sharpcorner.com/article/encryption-and-decryption-using-a-symmetric-key-in-c-sharp/

Thanks

1
Tural Suleymani

Tural Suleymani

132 14k 513.1k May 08

  1. Encryption: Encrypt the password before storing it in the database. You can use cryptographic hashing algorithms like bcrypt, PBKDF2, or SHA-256. ASP.NET provides built-in support for hashing passwords using the System.Security.Cryptography namespace.

  2. Storage: Store the encrypted password in your database. Make sure the field in your database table is large enough to accommodate the encrypted password.

  3. Login: When a user attempts to log in, you hash the provided password and compare it with the stored, encrypted password in the database. If the hashes match, the passwords match.

0
Soheb Ahmad

Soheb Ahmad

984 731 12.1k May 09

sir can you provide any articale with Example.

Next Recommended Forum