Geeks With Blogs
Jeroen Bourdeaud'hui web application developer
If you want, to hash your passwords, for storing in the database. This post could be useful.

You can hash your password using the FormsAuthentication.HashPasswordForStoringInConfigFile method.
This must be the longest method name in the .NET Framework.

Ex. How to use this method
FormsAuthentication.HashPasswordForStoringInConfigFile(password, passwordFormat)

Dim hashMethod As String = "MD5" 'SHA1
Dim hashedPassword As String = _
FormsAuthentication.HashPasswordForStoringInConfigFile(password.Text, hashMethod)


The parameters this method uses, are the password and format you want to use (MD5/SHA1). The method returns a hashed string.
After this you could store this encrypted value in your database. (! This is an one way hashing method, so you can't recover the original value !)
This method could minimize the code you have write.

In the next functions, you can see MD5 and SHA1 working, without the HashPasswordForStoringInConfigFile method.

Public Shared Function getMD5(ByVal input As String) As String
        Dim pas As String = ""
        Dim x As New System.Security.Cryptography.MD5CryptoServiceProvider()

        Dim bs As Byte() = System.Text.Encoding.UTF8.GetBytes(input)
        bs = x.ComputeHash(bs)

        Dim sb As New System.Text.StringBuilder()
        For Each b As Byte In bs
            sb.Append(b.ToString("x2").ToLower())
        Next

        pas = sb.ToString()
       
        Return pas
    End Function
   
    Public Shared Function getSha1(ByVal sPassword As String) As String
        Dim myString As String = sPassword
        Dim Data As Byte()

        Data = Encoding.ASCII.GetBytes(myString)
        Dim shaM As New SHA1Managed()
        Dim resultHash As Byte() = shaM.ComputeHash(Data)
        Dim resultHexString As String = ""
        Dim b As Byte

        For Each b In resultHash
            resultHexString += Hex(b)
        Next
        Return resultHexString
    End Function


Let's hope someone can use this! Posted on Wednesday, April 15, 2009 8:37 PM asp.net , security | Back to top


Comments on this post: Hashing passwords using MD5/SHA1

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Jeroen Bourdeaud'hui | Powered by: GeeksWithBlogs.net