Password Hashes

When I receive more than 1 request for a post, I like to fulfill the request ;)

Hashes are a cryptographic method of providing a one-way encoding of information which yields a hash value of the original value. This hash value can only be recreated using the exact same information again, and it is impossible to retrieve the original information from the hash. The strength of the hash algorithm lies in these facts.

This makes hashes perfect for encoding passwords for storage, as to check a password, the hashes are calculated and compared, rather than the plain password.

So, here’s a simple way of hashing a password in a standardised manner in .NET:


string HashedPassword =
FormsAuthentication.HashPasswordForStoringInConfigFile(
txtPassword.Text, "sha1");
if(strUserInputtedHashedPassword == storedHashedValue)
{
// sign-in successfull
}
else
{
// sign-in failed
}

Win an Annual Membership to Learnable,

SitePoint's Learning Platform

  • http://www.modulemedia.com zakruvalcaba

    DAH!

    I just wrote a SitePoint article on Password Hashing. Should be up soon…Kev is reviewing it as I post this comment.

  • cchiuyi

    could you provide more resources ?
    links to website that related to the topic…

    thank you in advance