匹配的用户名&套接字编程中服务器端的密码 [英] Matching username & password at server side in socket programming

问题描述

嗨！我正在大学项目中.
我正在设计一个由2种不同的网银系统组成，即服务器(管理员)和客户端(客户).

我不知道如何匹配客户端发送到服务器的用户名和密码，以及如何匹配服务器端的这些详细信息并提供对客户端的访问权限.

谁能帮我提供代码.
我正在寻找vb.net中的TCP连接.

请帮忙，因为我已经很快提交了项目.....

Hi!! I am working on a college projec.
I am designing a net banking system consisting of 2 different i.e. a server(admin) and a client(customer).

I don''t know how to match the username & password sent by the client to the server & match those details on the server side and give access to the client.

Can anyone help me with the code.
TCP connection in vb.net is what I am looking for.

Please help guys as I''ve to submit the project very soon.....

推荐答案

通常，用户ID保存在数据库表中，并且密码会被散列并存储:因此，您永远不会以明文形式存储密码.通常，在对用户名进行哈希处理之前，会将密码与用户名结合使用，以防止具有相同密码的两个用户生成相同的哈希值.

由于哈希不是加密-加密可以逆转，哈希不能-密码永远不会以可读格式存储，因此数据库入侵无法透露任何密码.当您检查用户登录名时，可以从他提供的信息中重新生成哈希值，并对照数据库的存储值进行检查.如果匹配，请登录他！

哈希通常是MD5，但不建议在新设计中使用，并且MD5正式被破坏"了-在某些情况下，可能会根据哈希值生成可输入类型的密码-建议改用SHA. .NET作为 System.Cryptography [ ^ ]命名空间.

SHA256类 [

Normally, the user id is held in a database table, and the password is hashed and also stored: so you are never storing the password in clear. Frequently, the password is combined with the username before it is hashed to prevent two users with the same password from generating the same hash.

Because hashing is not encryption - encryption can be reversed, hashing can''t - the password is never stored in a readable format, so database intrusion cannot reveal any passwords. When you check a user login, you regenerate the hash from the information he supplied, and check that against the database stored value. If it matches, log him in!

Often the hash is MD5, but that is not recommended for new designs, and MD5 is officialy "broken" - it is possible in some cases to generate a type-able password from teh hash value - and it is recommended to use SHA instead. .NET supports MD5 and SHA as part of the System.Cryptography[^] namespace.

The SHA256 Class[^] includes a small example of how to hash information.

这篇关于匹配的用户名&套接字编程中服务器端的密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！