如何验证密码 [英] how to validate the password

问题描述

嗨朋友，
我有一个自动生成密码的任务，在这种情况下，我使用日期，时间和天数.但是一个条件是，密码在该天有效，并且超过该天后，该应用程序不会自动运行.


字符串pwd，noofdays;
noofdays = textBox2.Text;
pwd = DateTime.Now.ToString("yyyyMMdd1221" +"+" + noofdays);
textBox3.Text = pwd;

HI friends,
i have a task that is automatically generate a password in this case i use date,time and no of days.But one condition is there the password is valid for that days and greater than that days the application is run not automatically.


String pwd, noofdays;
noofdays = textBox2.Text;
pwd = DateTime.Now.ToString("yyyyMMdd1221" + "+" + noofdays);
textBox3.Text = pwd;

推荐答案

在没有看到代码的情况下很难为您提供帮助，但是我怀疑您在登录时需要检查密码的有效性但是，您确实意识到有一个简单的方法可以解决此问题，对于Windows应用程序，不是吗?更改日期，登录，更改日期...您还应该注意:1)用户喜欢更改密码，因为否则他们不会记住密码，必须将其写下来；以及2)密码应为以散列形式存储以防止进行逆向工程:这意味着，除非他在登录时保留副本，否则您将无法恢复原始密码来检查日期的有效性！

在花费太多时间创建基于日期的密码之前，您可能需要更仔细地考虑要尝试的操作...

Without seeing and code, it is difficult to help you, but I suspect that you need to check the password validity when you log them in. However, you do realize that there is a simple way round this, for a windows app, don''t you? Change the date, log in, change the date back... You should also be aware that 1) users like to change passwords, because otherwise they don''t remember them and have to write them down, and 2) passwords should be stored in a hashed form to prevent reverse engineering: this means that you cannot recover the original password to check the validity of the date unless you keep a copy when he logs in!

You might want to think a bit more carefully about what you are trying to do before you spend too much time creating a date-based password...

我认为您需要同时存储两个创建密码后输入用户名和密码.但是:
如果安全性不是很重要(！)，则可以生成密码而不将其存储在数据库中.

例如:

I think you need to store both of user name and password after creating the password. but :
If the security is not very important (!) you can generate password without storing it in database.

for example:

public string GeneratePassword(string userName)
{
    if (string.IsNullOrEmpty(userName))
        return "NAN";

    userName = userName.ToUpper();

    return string.Format("{0}{1}{2}{3}", "8080110001",EncryptedUserName(userName), userName, DateTime.Now);
}

public int EncryptedUserName(string userName)
{
    int partOfSecurity = 0;
    foreach (char c in userName)
    {
        partOfSecurity += (int)c;
    }
    return partOfSecurity;
}
public bool IsAuthenticated(string userName, string passWord)
{
    if (string.IsNullOrEmpty(userName) || passWord.Length <10)
        return false;
     userName = userName.ToUpper();



     return
         (passWord.Substring(0, 10) == "8080110001" && passWord.Replace(EncryptedUserName(userName).ToString(), string.Empty) != passWord && passWord.Replace(userName, string.Empty) != passWord)
         ? true : false;
}

但是，我强调它的安全性很差.

But, I emphasize that it''s a poor security.

首先，要使用此功能，必须创建一个可能包含getdate()的日期检查函数.当且仅当此条件为true时，您才必须创建用于验证密码的passwordCheck函数，因为该密码将仅在1天后失效.对于生成自动密码的创建，您可以使用.NET的密码学类...希望对您有所帮助

First of all for using this feature you have to create a date check function it may contains getdate(). if and only if this condition will true then you have to create passwordCheck function for validation password because that password is going to expire in only 1 day. And for generating automatic password creation you can use Cryptography classes of .NET... Hope It Will Help You

这篇关于如何验证密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！