我正在C#ASP.Net中开发求职网站 [英] I am developing a job search website in C# ASP.Net
本文介绍了我正在C#ASP.Net中开发求职网站的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
大家好,
我正在C#ASP.Net中开发求职网站.
我使用了RSA加密算法,该算法在登录时对数据库中的登录ID和密码进行加密.
现在,这是第二次相同的客户端登录该网页.我无法跟踪他在同一网站上的计数,因为它为不匹配的登录ID和密码提供了RSA加密错误.
我不需要Microsoft IDE 2008提供的静态计数方法.
谁能为此提供解决方案
问候
Amul
Hello All,
I am developing a job search website in C# ASP.Net.
I have used a RSA Encryption Alogrithm which Encrypts login Id and Password in Database while logging in.
Now when for the second time the same client logs in the webpage. I am not able to track his count for the same website because it gives RSA Encryption error for unmatched Login ID and password.
I don''t want a Static Count method provided by Microsoft IDE 2008.
Can any one provide a solution for this
Regards
Amul
推荐答案
没有代码?编号
密码的首要规则:请勿加密.
而是将登录ID清除存储.这样,您就可以搜索用户并检查密码.比寻找可以针对不同用户的加密组合要安全得多.
如果用户忘记了密码,也可以根据该登录名为其重置密码.
然后,将用户输入的密码与数据库存储的登录ID结合起来(以确保登录ID始终是相同的大小写),并生成一个哈希值.它曾经是MD5,但不建议用于新系统,因此请使用SHA.将此值与数据库存储的值进行比较.如果匹配,则登录通过.如果没有,他就不会进去.
这样一来,密码就永远不会以可以以任何方式重新生成的形式存储,即使复制了整个数据库也是如此.哈希值中包含登录ID意味着两个具有相同密码的用户仍然具有不同的哈希值.
Without code? No.
First rule of passwords: don''t encrypt.
Instead, store the Login ID in clear. That way you can just search for the user, and check the password. Much safer than looking for an encrypted combination which could conceivably be for a different user...
You can also reset a password for a user based on this login name if he forgets.
Then, combine the user entered password with the database stored Login ID (to ensure that Login ID is always the same case) and generate a hash value. It used to be an MD5, but that is not recommended for new systems, so use SHA instead. Compare this value against the database stored value. If it matches, the login passes. If it doesn''t, he don''t get in.
This way the password is never stored in a form which can in any way be re-generated, even if your entire database is copied. The inclusion of the Login ID in the hash value means that two users with the same password still have different hash values.
这篇关于我正在C#ASP.Net中开发求职网站的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
