posted on Sunday, August 15, 2004 9:43 PM
by
warstar
Password encoding
Here is the way i encode my passwords for the database:
System.Security.Cryptography.RNGCryptoServiceProvider rng = new System.Security.Cryptography.RNGCryptoServiceProvider();
byte[] buff = new byte[16];
rng.GetBytes(buff);
string salt = Convert.ToBase64String(buff);
string encodeType = "SHA1"; //You can also use "MD5"
string pass = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile (salt + txtPass.Text, encodeType);
As you can see i use a new salt for every password but you can also just set a static salt :)
Happy netting,
Warnar