我已经加密了我的密码但是当我登录时它给了我一个错误。怎么能解密它 [英] i already encrypt my password but when i log in it gives me an error. how can decrypte it

问题描述

你能告诉我如何解密吗

推荐答案

你永远不应该解密密码。你永远不应该开发一个系统密码需要解密，或者需要存储密码，或者任何人都可能知道用户创建的密码。这种做法不安全，从不需要。如果您考虑一下，您就会明白验证时绝对不需要原始密码。



不同意？感到疑惑？继续阅读。



通常使用的解决此问题的方法之一是在两种情况下计算加密哈希函数并存储哈希。如果您想说这个存储的值只是加密密码，请再想一想。最大的区别是：加密哈希根本无法解密，这是一个单向函数。因此，从哈希计算密码是不可行的（当然，它与系统权限无关：这对任何人来说都是不可行的）。这不是必需的：你只需存储哈希值并将哈希值与哈希值进行比较。



请参阅：

http://en.wikipedia.org/wiki/Cryptographic_hash_function [ ^ ]，

http ：//en.wikipedia.org/wiki/Computational_complexity_theory#Intractability [ ^ ]。







你需要的算法已经是可在.NET中获得：

http：// msdn .microsoft.com / zh-cn / library / system.security.cryptography.hashalgorithm.aspx [ ^ ]。



不要使用MD5或SHA-1 - 它们被发现被打破;更好地使用SHA-2系列中的一个：

http://en.wikipedia.org/wiki/ MD5 [ ^ ]，

http://en.wikipedia.org/wiki/SHA-1 [ ^ ]，

http://en.wikipedia.org/wiki/SHA-2 [ ^ ]。



[END EDIT]



请查看我过去的答案：

以安全的方式存储密码值int sql server [ ^ ]，

解密加密密码 [ ^ ]。

-SA

You should never ever decrypt a password. You should never develop a system where a password needs to be decrypted, or where a password needs to be stored, or where there is a possibility that any person can know a password created by a user. Such practices are unsafe and never needed. If you think about it, you will understand that the original password is absolutely not needed for authentication.

Disagree? Feel puzzled? Keep reading.

One of the ways of solving this problem which is usually used is calculation of a cryptographic hash function in both cases and storing the hash. If you want to say that this stored value is just the encrypted password, think again. The big difference is: the cryptographic hash cannot be decrypted at all, this is a one-way function. So, it''s infeasible to calculate a password from hash (and, of course, it has nothing to do with system permissions: this is equally infeasible for anyone). And this is not needed: you just store hash and compare hash with hash.

Please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[^],
http://en.wikipedia.org/wiki/Computational_complexity_theory#Intractability[^].



The algorithms you need are already available in .NET:
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm.aspx[^].

Don''t use MD5 or SHA-1 — they are found to be broken; better use one from the SHA-2 family:
http://en.wikipedia.org/wiki/MD5[^],
http://en.wikipedia.org/wiki/SHA-1[^],
http://en.wikipedia.org/wiki/SHA-2[^].

[END EDIT]

Please see my past answers:
storing password value int sql server with secure way[^],
Decryption of Encrypted Password[^].

—SA

在mysql中你可以使用查询，如login_tb中的select password，其中binary username = + txt1.text;

In mysql you can use Query like select password from login_tb where binary username=+txt1.text;

尝试这些代码：

TRY THESE CODE:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.Data;
using System.Windows.Forms;
namespace Inventory_Accountancy
{
public class Cryptography
{
private static string _key;
 
public Cryptography() { }
public static string key { set { _key = value; } }
 
public static string Encrypt(string encrypt)
{
try
{
return Encrypt(encrypt, _key);
}
catch (Exception ex)
{
return "Wrong " + ex.Message.ToString();//,"Inventory Accountancy",MessageBoxButtons.OK,MessageBoxIcon.Error);
}
}
 
internal static string Encrypt(string encrypt, string strKey)
{
try
{
TripleDESCryptoServiceProvider objDESC = new TripleDESCryptoServiceProvider();
MD5CryptoServiceProvider objHashMD5 = new MD5CryptoServiceProvider();
byte[] byteHash, byteBuff;
 
byteHash = objHashMD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(strKey));
objHashMD5 = null;
objDESC.Key = byteHash;
objDESC.Mode = CipherMode.ECB;
 
byteBuff = ASCIIEncoding.ASCII.GetBytes(encrypt);
return Convert.ToBase64String(objDESC.CreateEncryptor().TransformFinalBlock(byteBuff, 0, byteBuff.Length));
}//objDESCrypto.CreateEncryptor().TransformFinalBlock(byteBuff, 0, byteBuff.Length)
catch (Exception ex)
{
return "Wrong " + ex.Message.ToString();
}
}
 
public static string Decrypt(string decrypt)
{
try
{
return Decrypt(decrypt, _key);
}
catch (Exception ex)
{
return "Wrong " + ex.Message.ToString();
}
}
 
public static string Decrypt(string decrypt, string strkey)
{
try
{
TripleDESCryptoServiceProvider objDESC = new TripleDESCryptoServiceProvider();
MD5CryptoServiceProvider objHashMD5 = new MD5CryptoServiceProvider();
byte[] byteHash, byteBuff;
string tempStrKey = strkey;
 
byteHash = objHashMD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(tempStrKey));
objHashMD5 = null;
objDESC.Key = byteHash;
objDESC.Mode = CipherMode.ECB;
 

byteBuff = Convert.FromBase64String(decrypt);
string strDecrypted = ASCIIEncoding.ASCII.GetString(objDESC.CreateDecryptor().TransformFinalBlock(byteBuff, 0, byteBuff.Length));
objDESC = null;
 
return strDecrypted;
}
catch (Exception ex)
{
return "Wrong " + ex.Message.ToString();
}
}
}
}

这篇关于我已经加密了我的密码但是当我登录时它给了我一个错误。怎么能解密它的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！