在ASP.NET MVC 3中加密密码 [英] Encrypting passwords in ASP.NET MVC 3

问题描述

我试图在 ASP.NET MVC3 中创建自定义成员资格系统。

I'm trying to create a custom membership system in ASP.NET MVC3.

我知道有许多免费和开源提供商，但我这样做是为了了解更多。我的问题是关于加密密码。

I know there are many free and open source providers, but I'm doing this to learn more. My question is about encrypting passwords.

您建议我使用哪种算法： SHA1 ， SHA256 ， MD5 ， BCrypt 此外，您建议使用哪种方式创建密码盐？

Which algorithm do you suggest I use: SHA1, SHA256, MD5, BCrypt, or something else? Also, which way do you suggest to create a password salt?

推荐答案

BCrypt 如果你需要真正强的哈希。至于生成盐，您可以使用 RNGCryptoServiceProvider 类。这里是一篇文章，您可以检出。只需用BCrypt替换那里使用的SHA1算法。

BCrypt if you need really strong hash. As far as generating the salt is concerned, you could use the RNGCryptoServiceProvider class. Here's an article that you may checkout. Just replace the SHA1 algorithm used there with BCrypt.

这篇关于在ASP.NET MVC 3中加密密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！