Re: using md5 but want sha-1

Hi,

I'm using
MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider();
byte[] hashedDataBytes;
UTF8Encoding encoder = new UTF8Encoding();
hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(strPassword));

I notice there is a SHA1CryptServiceProvider
By the way, I'm using 1.1

Is that what you mean with managed. Is this from
System.Security.Cryptography?
Which docs where you refereing too?
Thanks



"Dominick Baier [DevelopMentor]" wrote:

> Hi,
>
> first of all - SHA1 is a hashing algorithm - no encryption. Hashing is a
> non-reversible process, which is fine for passwords.
>
> The corresponding class is called SHA1Managed - i would recommend moving
> to SHA256Managed if you can.
>
> Both support a ComputeHash method that takes a byte[] and returns a byte[].
>
> Especially for passwords i would recommend using PasswordDeriveBytes (1.1)
> or Rfc2898DeriveBytes (2.0).
>
> have a look at them in the docs - if you have further questions - feel free
> to ask.
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > Hi,
> > I was reading that md5 is not that secure and that sha-1 or
> > whilpool or
> > ripemd-160 were better solutions. I'm using asp.net and I want to
> > encrypt the
> > password. Where can I find a sample code for that with sha-1. I can't
> > seem to find one.
> >
> > Thanks
> > Francisco
>
>
>
.