Web Wiz - Green Windows Web Hosting
Web Wiz Homepage Search Web Wiz

  New Posts New Posts RSS Feed - Encryption of WWF?
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

Encryption of WWF?
 Post Reply Post Reply
Author
  Topic Search Topic Search  Topic Options Topic Options
vitinhgocong View Drop Down
Newbie
Newbie


Joined: 07 May 2009
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote vitinhgocong Quote  Post ReplyReply Direct Link To This Post Topic: Encryption of WWF?
    Posted: 11 November 2010 at 2:06am
Please let me know the rules encryption of WWF (create user & login user). How does this works:
User_code, Password, Salt

How do WWF Encryption password to database and read them ?????

Thanks

Edited by vitinhgocong - 11 November 2010 at 9:15am
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 11 November 2010 at 12:13pm
When a password is created a random slat value is added to the password which is then 160bit one way encrypted and added to the database along with the salt value.

The password can not be read back in, so when someone logs in the salt value in the database is added to the end of the password which is then encrypted, if the encrypted password then matches that stored in the database the user is logged in.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
vitinhgocong View Drop Down
Newbie
Newbie


Joined: 07 May 2009
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote vitinhgocong Quote  Post ReplyReply Direct Link To This Post Posted: 11 November 2010 at 12:20pm
I want to know the process details, this is true or false:

'///////////////////////////////////////////////////////////////////////
...................

rsCommon.AddNew

rsCommon.Fields("Username") = strUsername
rsCommon.Fields("User_code") = userCode(strUsername)
rsCommon.Fields("Salt") = getSalt(strPassword)
rsCommon.Fields("Password") = HashEncode(strPassword)
.....................

Thanks!
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 12 November 2010 at 10:15am
I've not tested your code but it looks about right as there are built in functions for these various processes.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
vitinhgocong View Drop Down
Newbie
Newbie


Joined: 07 May 2009
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote vitinhgocong Quote  Post ReplyReply Direct Link To This Post Posted: 12 November 2010 at 10:46am
I want to ask: How is WWF encryption password and Salt that?
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844 		Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 12 November 2010 at 12:12pm
The salt value is appended to the end of the password, so the above code would need to be:-

rsCommon.Fields("Username") = strUsername
rsCommon.Fields("User_code") = userCode(strUsername)
strSalt = getSalt(10)
rsCommon.Fields("Salt") = strSalt 
rsCommon.Fields("Password") = HashEncode(strPassword & strSalt)


When someone logs in you take their entered password then append the salt value from the database to it and encrypt it. If the encrypted password with the salt match the encrypted password store in the database then the user has entered the correct password.
Web Wiz Forums Hosting
ASP.NET Web Hosting
Back to Top
vitinhgocong View Drop Down
Newbie
Newbie


Joined: 07 May 2009
Status: Offline
Points: 14 		Post Options Post Options   Thanks (0) Thanks(0)   Quote vitinhgocong Quote  Post ReplyReply Direct Link To This Post Posted: 12 November 2010 at 12:35pm
OK! thanks WebWiz-Bruce
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.08
Copyright ©2001-2026 Web Wiz Ltd.

Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Notice

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT at 20% unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2026 Web Wiz Ltd. All rights reserved.