Re: Password encryption

From: Laura (villa_l_at_hotmail.com)
Date: 12/03/03


Date: Wed, 3 Dec 2003 00:16:08 -0800

First of all, thank you very much!
In fact it can be a two "phase" question :). The most important is to encrypt the
pwd, the next step will be to encrypt the whole file (it's an xml diffgram so
the data are unprotected and visible).
The whole file encryption impacts on retrieving data from the cache
(I'm using the dataset's load method which accepts an xml diffgram).

Best Regards,
Laura

     ----- Michael Giagnocavo [MVP] wrote: -----
     
     Just a note that if saving a password with a hash, you should consider
     multiple iterations (perhaps 1024 or more). The PasswordDeriveBytes class
     handles this for you.
     -mike
     MVP
     
     "Sunil" <anonymous@discussions.microsoft.com> wrote in message
     news:001b01c3b8f8$5f4f7970$a401280a@phx.gbl...
> Laura,
> This looks like two parts to your question...
> 1) How do you authenticate the user when offline
> 2) How to Encrypt a file (or sections of it)?
>> for 2) I suggest you ecrypt the file using the MD5 Hash
> of userName + Password. Inside the file you can keep what
> ever you want to store including full details for the
> Login Info. (this should solve the part 1. )
>> This is not the greatest solution but it can be done
> quick and dirty.
>> I am pretty sure there are examples on the web which show
> how to encrypt a file and how to get a MD5 or SHA1 Hash
> for a given string...
>> Good Luck,
> Sunil
>>>>-----Original Message-----
>>Hi, I'm developing an application that saves a data
> cache locally with the data retrieved from the server.
> This is done to let the user work offline. I need to
> save also the login info for the user (in order to
> authenticate the user even if he's working offline). I
> found a lot of classes under the System.Security
> Namespace, but I don't know wich one is more suitable to
> accomplish this task. I need to encrypt the pwd for
> example, or even the entire xml (the cache is a ado.net
> diffgram). Any hint?
>>>>Best regards and thanks in advance,
>>Laura
>>.
>>



Relevant Pages

  • Re: pwds in dbases
    ... For ultimate security, encrypt with a one-way function. ... prior to checking if the login is correct. ... a new PWD has to ...
    (microsoft.public.inetserver.asp.general)
  • Re: wanted opinions: Powercrypt 2000 (text encryption)
    ... friends outside of email. ... that up onto your clipboard. ... And use a shared pwd. ... then encrypt the file using strong cryptography, ...
    (sci.crypt)
  • Re: [Creating an exe from another exe]
    ... > writing you proceed to encrypt, A is gonna ask your for a pwd in order to ... > This B you send it to a friend along with the pwd. ... basically is ONE SINGLE program that creates other exe files capable ...
    (microsoft.public.vb.general.discussion)
  • Re: pwds in dbases
    ... always use some asp to encrypt using a shared key and store that. ... as the unecrypted pwd must be posted into the processing asp etc... ...
    (microsoft.public.inetserver.asp.general)