hash password in SQL Server (asp.net)

Posted by ile on Stack Overflow See other posts from Stack Overflow or by ile
Published on 2010-05-13T10:06:38Z Indexed on 2010/05/26 19:41 UTC
Read the original article Hit count: 251

Filed under:
|
|
|
|

Is this how hashed password stored in SQL Server should look like?

alt text

This is function I use to hash password (I found it in some tutorial)

public string EncryptPassword(string password)
{
    //we use codepage 1252 because that is what sql server uses
    byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password);
    byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes);
    return Encoding.GetEncoding(1252).GetString(hashBytes);
}

EDIT I tried to use sha-1 and now strings seem to look like as they are suppose to:

public string EncryptPassword(string password)
{
    return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1");
}

// example output: 39A43BDB7827112409EFED3473F804E9E01DB4A8

Result from the image above looks like broken string, but this sha-1 looks normal....

Will this be secure enough?

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about sql