Hi..
I want to encrypt and decrypt a password using c#.net.If any body knows please help me.
divyakrishnan 20 Junior Poster
Narue 5,707 Bad Cop Team Colleague
I want to encrypt and decrypt a password using c#.net.
Don't encrypt your passwords. You should use a method that isn't reversible, which is why cryptographically secure one-way hashing is a common practice. Add a salt to the password (so identical passwords don't produce the same hash), then hash the combination a number of times. Add the unhashed salt to the hash, convert to a base 64 string for storage portability, and you're done. To check a password for validity, extract the salt and create a new hash with it, then compare to the stored hash:
using System;
using System.Text;
using System.Collections.Generic;
using System.Security.Cryptography;
class Application {
public static void Main()
{
string pass = "some kind of password";
List<string> stored = new List<string>();
for (int i = 0; i < 10; i++)
stored.Add(MungePassword(pass, null));
foreach (string s in stored) {
if (CheckPassword(s, pass))
Console.WriteLine("Password is valid");
else
Console.WriteLine("Password is NOT valid");
Console.WriteLine("\t'" + pass + "'");
Console.WriteLine("\t" + s);
}
}
private static string MungePassword(string password, byte[] salt)
{
if (salt == null) {
// Create a random salt if one isn't provided
salt = new byte[8];
using (var crng = new RNGCryptoServiceProvider())
crng.GetBytes(salt);
}
else if (salt.Length < 8)
throw new ArgumentException("Salt must be at least 8 bytes");
byte[] bytes = new UTF8Encoding().GetBytes(password);
var saltedPass = new byte[bytes.Length + 8];
// Combine the salt and password
Array.Copy(bytes, saltedPass, bytes.Length);
Array.Copy(salt, 0, saltedPass, bytes.Length, 8);
var hash = new SHA256Managed();
// Hash a suitably large number of times
for (int i = 0; i < 1000; i++)
saltedPass = hash.ComputeHash(saltedPass);
var storedPass = new byte[saltedPass.Length + 8];
// Prepend the unhashed salt to the hash for duplication purposes
Array.Copy(salt, storedPass, 8);
Array.Copy(saltedPass, 0, storedPass, 8, saltedPass.Length);
// Use a base 64 string for storage portability
return Convert.ToBase64String(storedPass);
}
private static bool CheckPassword(string stored, string password)
{
byte[] storedPass = Convert.FromBase64String(stored);
var salt = new byte[8];
Array.Copy(storedPass, salt, 8);
return stored == MungePassword(password, salt);
}
} cale.macdonald commented: Good description on how it should be done +2
kvprajapati commented: Absolutely! +11
AlBars 0 Newbie Poster
Use this(not my own code)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Security.Cryptography;
using System.Data.SqlServerCe;
namespace Cloak
{
class AesEncrypt
{
public AesEncrypt()
{
}
/*Where dataToEncrypt is the actual string you want
to encrypt/decrypt. password is a minimum 8 char string to disguise the pw.An example would be "12345678". Same rules with the salt. Remember all 3 variables have to be the same in the encrypt and decrypt function for it to work. If you plan on storing the pw in a database be sure to define the column as an nchar or varbinary variable or else you will get "padding cant be removed" errors */
public string EncryptA(string dataToEncrypt, string password, string salt)
{
AesManaged aes = null;
MemoryStream memoryStream = null;
CryptoStream cryptoStream = null;
try
{
Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.Unicode.GetBytes(salt));
aes = new AesManaged();
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Key = rfc2898.GetBytes(aes.KeySize / 8);
aes.IV = rfc2898.GetBytes(aes.BlockSize / 8);
memoryStream = new MemoryStream();
cryptoStream = new CryptoStream(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write);
byte[] data = Encoding.Unicode.GetBytes(dataToEncrypt);
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
//Return Base 64 String
return Convert.ToBase64String(memoryStream.ToArray());
}
finally
{
if (cryptoStream != null)
cryptoStream.Close();
if (memoryStream != null)
memoryStream.Close();
if (aes != null)
aes.Clear();
}
}
public string DecryptA(string dataToDecrypt, string password, string salt)
{
AesManaged aes = null;
MemoryStream memoryStream = null;
CryptoStream cryptoStream = null;
try
{
//Generate a Key based on a Password, Salt and HMACSHA1 pseudo-random number generator
Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, Encoding.Unicode.GetBytes(salt));
aes = new AesManaged();
aes.KeySize = 256;
aes.BlockSize = 128;
aes.Key = rfc2898.GetBytes(aes.KeySize / 8);
aes.IV = rfc2898.GetBytes(aes.BlockSize / 8);
memoryStream = new MemoryStream();
cryptoStream = new CryptoStream(memoryStream, aes.CreateDecryptor(aes.Key,aes.IV), CryptoStreamMode.Write);
byte[] data = Convert.FromBase64String(dataToDecrypt);
cryptoStream.Write(data, 0, data.Length);
cryptoStream.FlushFinalBlock();
byte[] decryptBytes = memoryStream.ToArray();
return Encoding.Unicode.GetString(decryptBytes, 0, decryptBytes.Length);
}
finally
{
if (cryptoStream != null)
cryptoStream.Close();
if (memoryStream != null)
memoryStream.Close();
if (aes != null)
aes.Clear();
}
}
}
} Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.