HOWTO在注册表中保存密码 [英] Howto save a password in the registry

问题描述

我有一个远程接口的桌面应用程序。到远程接口的访问是通过用户名和密码保护。

I have a desktop application with a remote interface. The access to the remote interface is secured by a username and password.

什么是安全地保存这些密码，最好的办法，最好是在注册表中？

What would be the best way to save these password securely, preferably in the registry?

推荐答案

您将需要保存的哈希密码（无论是在注册表中或其他地方）。然后，当用户输入他们的密码，您检查他们的哈希版本输入什么作为存储哈希的版本。如果这些匹配，那么密码匹配，您可以让用户。

You would need to save the hashed password (be it in the registry or somewhere else). Then when the user enters their password you check the hashed version of what they enter with the hashed version as stored. If these match then the passwords match and you can let the user in.

这路你不存储任何人以纯文本的密码（包括你自己）来获得在并获得为别人

This way you're not storing the password in plain text for anyone (including yourself) to get at and gain access as someone else.

至于哪个哈希算法使用 - 我不知道。有很多选择，所以我不愿意推荐一个盲人。我建议你找几个和评估。 CSharpFriends 有一篇文章，看起来像它可能是一个很好的起点。

As to which hash algorithm to use - I don't know. There are plenty to choose from, so I'm reluctant to recommend one blind. I'd suggest you find several and evaluate them. CSharpFriends has an article which looks like it might be a good starting point.

这篇关于HOWTO在注册表中保存密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！