nwhan
asked on
encrypt password stored in a table
In mssql server>enterprise manager, i save my user login and password in a table called tbluserlogin. How can i encrypt my password to ensure that other ppl cannot view the password even if he/she opens the tbluserlogin table. Please help. Thanks.
ASKER CERTIFIED SOLUTION
![Avatar of Guy Hengel [angelIII / a3]](https://filedb.experts-exchange.com/files/public/2013/11/25/ddbe0ea6-aa6e-4279-b781-57b735dd3ea0.jpeg){kind=small}
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you can use the function when writing the sql code, hence you cannot use it in the enterprise manager directly.
to be clear: you need to write the update/insert statement in the query analyser or any custom application running sql statements
ASKER
so u mean i execute your codes when i create users in a table ?
means at the same time i use "insert users" sql query, i'll have to include those codes of yours together? all at the same time when i create user?
means at the same time i use "insert users" sql query, i'll have to include those codes of yours together? all at the same time when i create user?
Yes and also when you retrieve them you will have to decrypt them.
Or you could use SQL Server 2005 ...
Or you could use SQL Server 2005 ...
ASKER
ic..but how do i decrypt them when i wanna retrieve the password?
isit when i put the codes together for "select" sql query ?
can u provide me some codes ? simple1...like save username and password(with encryption) into tbluserlogin and retrieving them(decrypt) ?
isit when i put the codes together for "select" sql query ?
can u provide me some codes ? simple1...like save username and password(with encryption) into tbluserlogin and retrieving them(decrypt) ?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
it works fine on the encrypting part...but when i need to authorise the user login, this part im having problem..how can i decrypt them in an easier way ?
you cannot decrypt. you can only compare the crypted value with the supplied password using the pwd_compare function.
>>how can i decrypt them in an easier way ? <<
Did you bother to read the article from the link I posted?
Did you bother to read the article from the link I posted?
Fair enough. What are you stuck on? Please post the code you have so far.
ASKER
well, i just need to know how can i encrypt a password entered in txtpassword and to be passed it's encrypted value to another label(lblpassword). With that concept, i'll be able to do comparison with the existing password in my database table.
*Since ur encryption style works for sql query, how can i encrypt it through the coding part in vb.net coding?
*Since ur encryption style works for sql query, how can i encrypt it through the coding part in vb.net coding?
>>how can i encrypt it through the coding part in vb.net coding? <<
You need to post in a more appropriate Topic Area such as:
https://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/VB_DOT_NET/
You need to post in a more appropriate Topic Area such as:
https://www.experts-exchange.com/Programming/Programming_Languages/Dot_Net/VB_DOT_NET/
ASKER
u mean you only know how to encrypt the password and save to db table ?
so you do not know how to encrypt the password entered to be compared to the encrypted password from the db table to authorise login?
so you do not know how to encrypt the password entered to be compared to the encrypted password from the db table to authorise login?
Pass the unencrypted password from the client code into a a stored procedure or the likes and use the pwdcompare function, returning whether the pwd matched or not back to the client.
>>u mean you only know how to encrypt the password and save to db table ?<<
I don't believe English can be your first language, so I will try it again: There are two options here:
1. If this question is related to "encrypt it through the coding part in vb.net coding" than it should be posted in a more appropriate Topic Area.
2. If on the other hand you are trying to pass the password as clear text and do it all with T-SQL than you need to follow angelIII and ShogunWade's advice. Just understand that pwdencrypt and pwdcompare are undocumented functions and are liable to be removed or changed.
So which is it?
In the meantime, you will find experts more responsive if you take the time to attend to the following abandoned question:
https://www.experts-exchange.com/questions/21715432/how-to-host-my-web-project-with-dyndns-org.html
I don't believe English can be your first language, so I will try it again: There are two options here:
1. If this question is related to "encrypt it through the coding part in vb.net coding" than it should be posted in a more appropriate Topic Area.
2. If on the other hand you are trying to pass the password as clear text and do it all with T-SQL than you need to follow angelIII and ShogunWade's advice. Just understand that pwdencrypt and pwdcompare are undocumented functions and are liable to be removed or changed.
So which is it?
In the meantime, you will find experts more responsive if you take the time to attend to the following abandoned question:
https://www.experts-exchange.com/questions/21715432/how-to-host-my-web-project-with-dyndns-org.html
ASKER