Print Page | Close Window

Encryption of WWF?

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=28951
Printed Date: 01 April 2026 at 5:45pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: Encryption of WWF?
Posted By: vitinhgocong
Subject: Encryption of WWF?
Date Posted: 11 November 2010 at 2:06am
Please let me know the rules encryption of WWF (create user & login user). How does this works:
User_code, Password, Salt

How do WWF Encryption password to database and read them ?????

Thanks


Replies:
Posted By: WebWiz-Bruce
Date Posted: 11 November 2010 at 12:13pm
When a password is created a random slat value is added to the password which is then 160bit one way encrypted and added to the database along with the salt value.

The password can not be read back in, so when someone logs in the salt value in the database is added to the end of the password which is then encrypted, if the encrypted password then matches that stored in the database the user is logged in.


-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: vitinhgocong
Date Posted: 11 November 2010 at 12:20pm
I want to know the process details, this is true or false:

'///////////////////////////////////////////////////////////////////////
...................

rsCommon.AddNew

rsCommon.Fields("Username") = strUsername
rsCommon.Fields("User_code") = userCode(strUsername)
rsCommon.Fields("Salt") = getSalt(strPassword)
rsCommon.Fields("Password") = HashEncode(strPassword)
.....................

Thanks!

Posted By: WebWiz-Bruce
Date Posted: 12 November 2010 at 10:15am
I've not tested your code but it looks about right as there are built in functions for these various processes.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: vitinhgocong
Date Posted: 12 November 2010 at 10:46am
I want to ask: How is WWF encryption password and Salt that?

Posted By: WebWiz-Bruce
Date Posted: 12 November 2010 at 12:12pm
The salt value is appended to the end of the password, so the above code would need to be:-

rsCommon.Fields("Username") = strUsername
rsCommon.Fields("User_code") = userCode(strUsername)
strSalt = getSalt(10)
rsCommon.Fields("Salt") = strSalt 
rsCommon.Fields("Password") = HashEncode(strPassword & strSalt)


When someone logs in you take their entered password then append the salt value from the database to it and encrypt it. If the encrypted password with the salt match the encrypted password store in the database then the user has entered the correct password.


-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Posted By: vitinhgocong
Date Posted: 12 November 2010 at 12:35pm
OK! thanks WebWiz-Bruce


Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.08 - https://www.webwizforums.com
Copyright ©2001-2026 Web Wiz Ltd. - https://www.webwiz.net