Asp.net密码哈希码生成 [英] Asp.net Password Hash Code Generation
问题描述
我知道这对你来说很奇怪,因为我认为他们是一个不成熟的程序员,我陷入困境。我正在尝试加密用户密码并对其进行身份验证。这是我的代码。
I know This is strange for you because i think em a immature programmer , I am stuck into a situation. i am trying to encrypt user password and authenticate them . here is my code .
String pas="Sun";
String salt = "Oj4zsl3RpCxoXVzkk0EVItepGq82Mv9Hs7W5tFmxKkk=";
String PassHash= getPasswordHashValue(pas, salt);
public static string getPasswordHashValue(string userpassword, string salt)
{
UnicodeEncoding uEncode = new UnicodeEncoding();
byte[] passunicode = uEncode.GetBytes(userpassword);
byte[] bytesalt = uEncode.GetBytes(salt);
byte[] byteresult = new byte[bytesalt.Length + passunicode.Length];
System.Buffer.BlockCopy(passunicode, 0, byteresult, 0, passunicode.Length);
System.Buffer.BlockCopy(bytesalt, 0, byteresult, passunicode.Length, bytesalt.Length);
System.Security.Cryptography.HashAlgorithm ha = HashAlgorithm.Create(Membership.HashAlgorithmType);
return Convert.ToBase64String(ha.ComputeHash(byteresult));
}
每次用户登录都会生成不同的哈希码,因此用户因为我已经存储了在数据库中注册用户时生成的密码哈希码。
这是用户的调试监视列表结果登录
Every Times The User Log in it generate Different Hash Code thus the user can not authenticate .As i have stored the hash code of password that has been generated while registering the user in the Database .
this is the debugging watch list result when user log in
select 1 from usertable where username='arif@gmail.com' or email='arif@gmail.com' and
password='ZQ9SsGwO0+Yh3FjxA3luBOwOMZClHN/rzkyF3KI5cXY='
select 1 from usertable where username='arif@gmail.com' or email='arif@gmail.com' and
password='CMKIdNBsb+mCvhYx4EYjywRxLWF2Ygl2Zhr9FsIW+NA='
select 1 from usertable where username='arif@gmail.com' or email='arif@gmail.com' and
password='10WWuTP/NUGr4Uxem3RJdmHyUtnLUcGdWCufS/SQgXI='
因为您可以看到生成的密码哈希码不同,这会产生验证问题用户。
as you can see the generated hash code of password is different which is creating problem for authenticating the user.
推荐答案
看看这个:密码存储:如何做到这一点。 [ ^ ]
这篇关于Asp.net密码哈希码生成的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
