
I have a database of logins and passwords. I wouldn't like anyone who has access to the database to be able to see everybody's password. How can I encrypt the passwords in the database?

In other words, I want the pwd (password) field to be encrypted in the database, but automatically decrypted when I enter it in the LoginForm.

I have found a method that encrypts the input strings, but it doesn't solve my issue.

using System;
using System.Security.Cryptography;
using System.Text;
using System.Windows.Forms;

// Computes an MD5 digest of the input and returns it Base64-encoded.
// Note: this is a one-way hash, not reversible encryption.
static string Encrypt(string value)
{
    using (MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider())
    {
        UTF8Encoding utf8 = new UTF8Encoding();
        byte[] data = md5.ComputeHash(utf8.GetBytes(value));
        return Convert.ToBase64String(data);
    }
}

private void BtnEncrypt_Click(object sender, EventArgs e)
{
    if (string.IsNullOrEmpty(txtPass.Text))
    {
        MessageBox.Show("Please enter your password !");
        return; // nothing to hash; do not fall through with an empty value
    }
    texResult.Text = Encrypt(txtPass.Text);
}

Please, can somebody help me.
Thanks in advance.

  • MD5 is not the most secure way to do this though. I believe there are tons of online decrypt websites to decrypt md5 strings. Commented May 11, 2016 at 9:57
  • Passwords are only one direction (encrypt). You can't take an encrypted password and get the un-encrypted password. You have to store both the password and the encrypted password in the database. Commented May 11, 2016 at 9:58
  • Don't use MD5, it'd be very fast to brute force your PW hashes. Use something like PBKDF2 or bcrypt which are much slower. Commented May 11, 2016 at 10:00
  • Store only encrypted password in database. Then, when user is trying to log in, encrypt txtPass.text and compare it with database. Commented May 11, 2016 at 10:02
  • Why do you need to decrypt passwords? You can encrypt the input login details and compare the encrypted output strings. Commented May 11, 2016 at 10:04

4 Answers

1

You can encrypt your password using your Encrypt function and store the encrypted password in your database. But decrypting the password is not a good option. Password encryption should be one way.

To check whether the password is available in your database, you can Encrypt the password entered by user by using the same Encrypt function, then match that Encrypted password to encrypted password you have in your database.

Thanks


Comments

1

It is easy to muddle encryption with hashing. What you are asking about is encryption - encryption lets you turn your password into an apparently random sequence of characters which can then be decrypted to get the original password back. What you should be using (and some have suggested) is hashing.

There are lots of examples of how to do encryption/decryption on the net, just search. This is the first one that came up for me: http://www.codeproject.com/Articles/14150/Encrypt-and-Decrypt-Data-with-C. Tempting as it is to copy and paste the code from there, I won't, because this isn't what you should be doing. For storing user passwords in a database it is much better to use password hashing (with salt) than to store encrypted passwords. Why? Because then if your system is hacked it is impossible for an attacker to recover people's passwords - all your accounts might still be compromised, but given that people often use the same password for more than one system, you won't be compromising your users.

A hash is a one way function, so you can't get the original password back. When someone wants to login you simply generate a hash and then compare it with the one you have stored in the database. If you want to read more about this and why you should be using it then this is a good start: https://crackstation.net/hashing-security.htm If you would like to jump in and get some working code then have a look at Hash and salt passwords in C#.

Comments
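The salted-hash flow the answer above and the PBKDF2 suggestion in the comments describe, written out as an added example (not code from the question or any answer). It assumes .NET 6 or later for Rfc2898DeriveBytes.Pbkdf2 and RandomNumberGenerator.GetBytes; the stored-string layout and the PasswordHasher name are my own choices.

```csharp
using System;
using System.Security.Cryptography;

// Added example: per-user random salt + PBKDF2-SHA256, plus the verify step the
// LoginForm performs instead of ever decrypting anything.
// Assumed stored format: "pbkdf2-sha256$<iterations>$<base64 salt>$<base64 hash>"
public static class PasswordHasher
{
    private const int SaltBytes = 16;
    private const int HashBytes = 32;
    private const int Iterations = 100_000; // assumed work factor; raise as hardware allows

    // Called once at registration; the returned string is what goes in the pwd column.
    public static string Hash(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes); // fresh per user, never shared
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, Iterations, HashAlgorithmName.SHA256, HashBytes);
        return $"pbkdf2-sha256${Iterations}${Convert.ToBase64String(salt)}${Convert.ToBase64String(hash)}";
    }

    // Called at login: re-derive with the stored salt/iterations and compare in constant time.
    public static bool Verify(string password, string stored)
    {
        if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(stored)) return false;

        string[] parts = stored.Split('$');
        if (parts.Length != 4 || parts[0] != "pbkdf2-sha256") return false;
        if (!int.TryParse(parts[1], out int iterations) || iterations <= 0) return false;

        byte[] salt, expected;
        try
        {
            salt = Convert.FromBase64String(parts[2]);
            expected = Convert.FromBase64String(parts[3]);
        }
        catch (FormatException) { return false; } // corrupted row, treat as failed login

        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, iterations, HashAlgorithmName.SHA256, expected.Length);

        // FixedTimeEquals does not leak how many leading bytes matched.
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }
}

// Registration:  string stored = PasswordHasher.Hash(txtPass.Text);   // save to DB
// Login:         bool ok = PasswordHasher.Verify(txtPass.Text, stored); // compare
```

Two users who pick the same password get different stored strings because each row carries its own salt, and the iteration count travels with the row so it can be raised later without invalidating existing accounts.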

0

You can use any complex cryptography technique to encrypt a password and send the password key to be saved in database for corresponding user. Now when the client tries to login and enters password, sends it to server.

From the server you can again convert the login details and compute the hash and finally send to a stored procedure to compare. If the two strings match, you return true else false as for authentication.

using System;
using System.Security.Cryptography;
using System.Text;
...
private const string _salt = "rz8LuOtFBXphj9WQfvFh"; // Generated at https://www.random.org/strings

public static string GenerateToken(string username, string password)
{
    string hash = string.Join(":", new string[] { username, password });

    // HMAC-SHA256 keyed with the hashed password over "username:password".
    using (HMAC hmac = new HMACSHA256(Encoding.UTF8.GetBytes(GetHashedPassword(password))))
    {
        byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(hash));
        hash = Convert.ToBase64String(mac);
    }

    return Convert.ToBase64String(Encoding.UTF8.GetBytes(hash));
}

public static string GetHashedPassword(string password)
{
    string key = string.Join(":", new string[] { password, _salt });

    // HMAC-SHA256 keyed with the (application-wide) salt over "password:salt".
    using (HMAC hmac = new HMACSHA256(Encoding.UTF8.GetBytes(_salt)))
    {
        byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(key));
        return Convert.ToBase64String(mac);
    }
}

2 Comments

  • No, it is not. It is a constant value in the source code here, but it should be unique for EVERY user, so that when users A and B choose the same password the hashed passwords would still be different.
  • The hash is a combination of username, password and salt. Assuming every username is unique in database, which it usually is, no two users can ever have same hashed password.
0

MD5 is not secure anymore.

When a user registers to use your application, hash the password with SHA512 bit with salt. You can find packages like the PWDTK NuGet package which we can easily use. Password is what we don't need to know the meaning of, but it just plays a secure role. Like some person commented above, when the user tries to log in after user registration, just encrypt the user's input (password) and compare it with that registered in the SQL database. Password must be one-way.

After the login result comes up success or fail, the role of password is finished.

As for WinForms cases, you need to consider carefully how to secure the connection string used to connect to the SQL database. One possible option might be WCF middleware between the WinForms application and the SQL database.

And for last but very importantly, you must use SSL for secure communication.
It seems you might consider these at later stages.

Comments
