3

I am working on creating a web application to assign user access to a database. We get a ticket to grant access to a user and the help desk person select the sql instance, enters the username and the password on the app to assign access. My issue is the connection strings are all stored in a sql database and the instance password is encrypted using hashbyte function.

How am i going to connect to the database through my C# asp.net code since the password is encrypted.The help desk person will only select the instance and not enter the login credentials

Improve this question
1
  • “Hashbyte” is not encryption. Commented Feb 24, 2019 at 0:50

1 Answer 1

Reset to default
0

This kind of operation is needed to be one-way so that it cannot be decrypted. Password validation is generally done with hashing. in other words, you have hashed password inside db and when user inputs password, your application first hashes the input password then it compares hashed passwords.

but, hashing is not encryption algorithm, it is a secure one-way compression algorithm

Thus, you cannot use hashed db passwords for any purpose. users need to provide password.

You can use UserSecrets for storing encrypted password. Check this post for implementation

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Hashing isn’t compression.
Ok so what other way i can i use to encrypt the password that i can access in future for my app. I have not yet created the table, i am only looking for suggestions.
please check my answer again

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.