<p>You need to store the hashed password and the salt in the database. Use a <strong>random salt</strong> for each user (a GUID should be fine). You can hash your passwords with something like this:</p>
<p>Remember to add the <code>using System.Security.Cryptography;</code> namespace.</p>
<pre><code>using System;
using System.Security.Cryptography;
using System.Text; // needed for Encoding

public static string ComputeHash(string passwordPlainText, string saltString)
{
    // Convert the salt into a byte array.
    byte[] saltBytes = Encoding.UTF8.GetBytes(saltString);

    // Convert plain text into a byte array.
    byte[] plainTextBytes = Encoding.UTF8.GetBytes(passwordPlainText);

    // Allocate array, which will hold plain text and salt.
    byte[] plainTextWithSaltBytes = new byte[plainTextBytes.Length + saltBytes.Length];

    // Copy plain text bytes into resulting array.
    for (int i = 0; i &lt; plainTextBytes.Length; i++)
        plainTextWithSaltBytes[i] = plainTextBytes[i];

    // Append salt bytes to the resulting array.
    for (int i = 0; i &lt; saltBytes.Length; i++)
        plainTextWithSaltBytes[plainTextBytes.Length + i] = saltBytes[i];

    // Because we support multiple hashing algorithms, we must define
    // hash object as a common (abstract) base class. We will specify the
    // actual hashing algorithm class later during object creation.
    HashAlgorithm hash;
    hash = new SHA256Managed();

    // Compute hash value of our plain text with appended salt.
    byte[] hashBytes = hash.ComputeHash(plainTextWithSaltBytes);

    // Create array which will hold hash and original salt bytes.
    byte[] hashWithSaltBytes = new byte[hashBytes.Length + saltBytes.Length];

    // Copy hash bytes into resulting array.
    for (int i = 0; i &lt; hashBytes.Length; i++)
        hashWithSaltBytes[i] = hashBytes[i];

    // Append salt bytes to the result.
    for (int i = 0; i &lt; saltBytes.Length; i++)
        hashWithSaltBytes[hashBytes.Length + i] = saltBytes[i];

    // Convert result into a base64-encoded string.
    string hashValue = Convert.ToBase64String(hashWithSaltBytes);

    // Return the result.
    return hashValue;
}
</code></pre>
<p>You can change <code>SHA256Managed</code> for any other supported hash algorithm.</p>
<p><strong>Update</strong>: I think you need to understand the concept first. I'll try to explain it:</p>
<p>Before login you need to have the users created in your database. To create them you need a username and password.</p>
<ol>
<li>Generate a random salt, <code>Guid.NewGuid().ToString();</code> for example.</li>
<li>Now you add this salt to your password and hash the result; the purpose of this is to increase the security of your password against brute force attacks. (This step can be done with the function <code>string ComputeHash(string passwordPlainText, string saltString)</code> I posted before.)</li>
<li>Save the username (provided by the user), salt (GUID) and password (result of ComputeHash) in the database.</li>
<li>Log in using the table with the user data!</li>
</ol>
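The four steps above as one register-and-login round trip, added here as an example that is not part of the original answer. It swaps in a 16-byte salt from `RandomNumberGenerator` and PBKDF2 (`Rfc2898DeriveBytes.Pbkdf2`) for the GUID salt and single SHA-256 pass, and compares hashes with `CryptographicOperations.FixedTimeEquals`. `PasswordStore`, `UserRow`, the in-memory dictionary and the iteration count are assumptions; .NET 6 or later is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical stand-in for one row of the users table (step 3).
record UserRow(string Username, string Salt, string PasswordHash);

static class PasswordStore
{
    const int Iterations = 600_000; // assumed work factor; tune for your hardware
    const int HashLength = 32;      // bytes of derived output to store

    // In-memory dictionary standing in for the database table (assumption).
    static readonly Dictionary<string, UserRow> Users = new();

    // PBKDF2-HMAC-SHA256 over the password and the per-user salt.
    static byte[] Derive(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations,
                                  HashAlgorithmName.SHA256, HashLength);

    // Steps 1-3: random per-user salt, hash, then store username + salt + hash.
    public static void Register(string username, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16);
        Users[username] = new UserRow(username,
            Convert.ToBase64String(salt),
            Convert.ToBase64String(Derive(password, salt)));
    }

    // Step 4: recompute with the stored salt and compare in constant time.
    public static bool Login(string username, string password)
    {
        if (!Users.TryGetValue(username, out var row)) return false;
        byte[] expected = Convert.FromBase64String(row.PasswordHash);
        byte[] actual = Derive(password, Convert.FromBase64String(row.Salt));
        return CryptographicOperations.FixedTimeEquals(expected, actual);
    }

    static void Main()
    {
        // Constructed sample credentials.
        Register("alice", "correct horse battery staple");
        Console.WriteLine(Login("alice", "correct horse battery staple"));
        Console.WriteLine(Login("alice", "wrong password"));
        Console.WriteLine(Login("bob", "anything"));
    }
}
```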