[dba-VB] [SPAM] Encrypt password

John W Colby jwcolby at gmail.com
Fri Feb 7 08:52:40 CST 2014


Use a one way hash to hash the password, then save that hash in the table.  When the user enters 
their password, hash it and compare to the stored hash.  If they match then the user entered the 
correct password.

No encryption, no keys, no stored password to be stolen.

John W. Colby

Reality is what refuses to go away
when you do not believe in it

On 2/6/2014 10:09 PM, Paul Hartland wrote:
> To all,
> I'm starting to write a vb.net app which will link to a sql server
> database, I want the passwords in the user table on the SQL server database
> to be encrypted one way, then if they forget the password can request a new
> one.  Firstly I used to use MD5 when I worked at my last company, but have
> heard this can be cracked, anyone have any other recommendations, I don't
> mind if the password encryption happens on the vb.net app or the sql server
> database.
> Thanks in advance for any help.

More information about the dba-VB mailing list