Hall of Fame

1. abel981,693
2. guru_sami764,050
3. TheLearn...529,355
4. CodeCruiser439,606
5. nmarun431,054
6. GiftsonDJ...363,715
7. aibusines...314,444
8. Juan_Bar...310,594
9. x_com305,780
10. Dhaest300,866
11. jinal294,858
12. CB_Thiru...294,313
13. carlnorrbom258,132
14. davrob60252,917
15. sunithnair237,805
16. DropZone234,070
17. praveenv...232,932
18. prairiedog220,925
19. burakiewicz216,947
20. daveamour215,055
21. Omego2K213,665
22. ragi0017207,715
23. HainKurt206,459
24. angelIII201,692
25. wht1986186,866

1. TheLearn...3,566,817
2. samtran0...2,728,399
3. raterus2,081,290
4. nauman_...1,216,228
5. sammy1...1,193,317
6. Rejojohny1,121,409
7. abel1,016,343
8. mmarinov996,221
9. scolja962,242
10. prairiedog921,362
11. Dhaest793,214
12. guru_sami764,050
13. angelIII759,102
14. Juan_Bar...648,279
15. lem2802634,188
16. AerosSaga600,606
17. TimCottee580,519
18. pratima_...579,106
19. Edwin_C568,753
20. CodeCruiser542,665
21. x_com530,281
22. tusharashah517,701
23. Justin_W489,746
24. strickdd487,968
25. carl_tawn470,356

	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

Question

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.0

Salt values prevent dictionary password attacks?

Asked by solution46 in Programming for ASP.NET

Tags: password, salt, attack, prevent, value

Hi,

I am working on a web app with an ASP.NET front end (forms authentication), a VB.NET COM layer and a SQL Server database. I am storing the password as an MD5 hash value, then re-computing the value each time the user logs in. So far this is working fine, but I have been reading that it is better to add a random salt value to the end of the password, and store this in the user table for use when re-computing the password hash (see http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT03.asp for example). Apparently this helps against dictionary attacks but I cannot see how. My view is that a dictionary attack through the front end wont be affected as the salt value wil be appended to each password tried, and if anybody has access to the back end they can read the salt value for themselves.

Full marks for the first person who gives an unequivocal reason why I should use a salt value as described in the above link.

s46.

Get your answer NOW

	Title
1	ASP.Net/C# - Class file needs to b…
2	store passwords in Sql Server

Salt values prevent dictionary password attacks?

Asked by solution46 in Programming for ASP.NET

Tags: password, salt, attack, prevent, value

About this solution