如何盐和使用C#哈希密码值? [英] How to salt and hash a password value using c#?
问题描述
我才知道密码的存储哈希值是从的存储密码在数据库 ...
I came to know that storing hash value of a password is a safe one from Preferred Method of Storing Passwords In Database...
-
如何盐和使用C#哈希密码值
How to salt and hash a password value using c#?
如何比较这两种存储在数据库中的值和一个用户?
How to compare both the values stored in DB and the one given by the user?
推荐答案
最流行的方式做到这一点是使用哈希算法。有一个很好的博客帖子这里有关如何使用MD5算法散列的串,但也有在 System.Cryptography
空间许多其他的例子。
The most popular way to do this is using a hashing algorithm. There's an excellent blog post here about how to use the MD5 algorithm to hash a string, but there are many other examples in the System.Cryptography
namespace.
至于#2,一般一步一步的指导,如何做到这一点的工作将是以下内容:
As for #2, the general step-by-step guide to how this would work would be the following:
在报名:
- Hash a user's password using your specified algorithm and store it in the database
- Salt this hash (optional, but preferred)
在登录/用户放大器;密码检查:
- 在数据库中查找输入用户名
- 如果它存在,检索哈希密码
- 哈希和盐的输入的密码,并将其与检索到的密码
这一切都比较啰嗦,但它是非常安全的。
It's all relatively long-winded, but it's very secure.
有另外一个对散列的极为深入的指南和盐<一个HREF =http://www.obviex.com/samples/hash.aspx>这里。
There's another extremely in-depth guide on hashing and salting here.
这篇关于如何盐和使用C#哈希密码值?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!