|
Home > Archive > IIS ASP > April 2006 > Saving password as an encrypted string
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Saving password as an encrypted string
|
|
| Neil G Jarman 2006-04-27, 7:52 am |
| Hi,
I would like to save my user's passwords as an encrypted sting.
Are their built in functions for doing this?
It's not financial data or anything, just to keep away prying eyes.
many thanks,
NEIL
| |
| Evertjan. 2006-04-27, 7:52 am |
| Neil G Jarman wrote on 25 apr 2006 in
microsoft.public.inetserver.asp.general:
> I would like to save my user's passwords as an encrypted sting.
>
> Are their built in functions for doing this?
>
> It's not financial data or anything, just to keep away prying eyes.
>
Prying eyes on the server?
That is not usefull, since anyone having access to the server can insert a
password bypassing backdoor.
Perhaps Rot13 will be enough?
Function ROT13(szInput)
txt = ""
coding =
" ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMa
bcdefghijklmnopqrstuvwxyzabcdefghi
jklm"
For i = 1 To Len(szInput)
character = Mid(szInput, i, 1)
position = InStr(coding, character)
If position > 0 Then character = Mid(coding, position + 13, 1)
txt = txt & character
Next
ROT13 = txt
End Function
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
| |
| Neil G Jarman 2006-04-27, 7:52 am |
|
"Evertjan." <exjxw.hannivoort@interxnl.net> wrote in message
news:Xns97B0930DCB7FFeejj99@194.109.133.242...
> Neil G Jarman wrote on 25 apr 2006 in
> microsoft.public.inetserver.asp.general:
>
>
> Prying eyes on the server?
>
> That is not usefull, since anyone having access to the server can insert a
> password bypassing backdoor.
>
> Perhaps Rot13 will be enough?
>
> Function ROT13(szInput)
> txt = ""
> coding =
> " ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMa
bcdefghijklmnopqrstuvwxyzabcdefghi
> jklm"
> For i = 1 To Len(szInput)
> character = Mid(szInput, i, 1)
> position = InStr(coding, character)
> If position > 0 Then character = Mid(coding, position + 13, 1)
> txt = txt & character
> Next
> ROT13 = txt
> End Function
>
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)
Hi Evertjan,
Thanks for the code - yes that's probably enough.
My ony concern is that staff who have access to Enterprise Manager cold look
up the passwords of senoir managers. Best to keep them obscure.
Cheers,
NEIL
| |
| Dave Anderson 2006-04-27, 7:52 am |
| Neil G Jarman wrote:
> Thanks for the code - yes that's probably enough.
>
> My ony concern is that staff who have access to Enterprise Manager
> cold look up the passwords of senoir managers. Best to keep them
> obscure.
If that is your concern, then take the correct approach -- store hashed
values, not passwords. When authenticating, compared hashed inputs to the
stored hashed values.
http://en.wikipedia.org/wiki/Hashing
Here is one way to do this: http://www.codeproject.com/database/xp_md5.asp
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.
| |
|
|
|
|
|
|
|