Solved

ASP Classic and AES or MD5 Encryption with salt

Posted on 2008-09-29
5
2,280 Views
Last Modified: 2012-05-05
Hello,

I've just registrered an account here today, hoping that some of you can help me with this problem. and a lot of searches through google always ended up here :)

I'm looking for a method to encrypt my users passwords on a website i'm developing.
I've searched through google, and haven't found anything that's useable - unfortunately
The website rossmt.net isn't working anymore. ( http://rossm.net/electronics/computers/software/ASP/ )

My current encryption method is MD5, but to make it more "secure" I would like to add a salt value which is encrypted with the MD5 Hash, which I also haven't found a way to do.

AES could also be a solution, but I haven't found a function which is asp classic supported.

Do any of you know a way of encrypting either via MD5 Hashing or AES with salt, since my webhost doesn't have the aspencrypt component installed ?

Or perhaps you can recommend an other solution for a good way of encrypting a users password.

Best regards
X
0
Comment
Question by:Xcudo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 18

Accepted Solution

by:
Morcalavin earned 500 total points
ID: 22598071
Here is a pure asp method for getting an MD5 Digest(I haven't tried it, so I don't know if it works).  It doesn't support adding a salt, but you could always just append a constant string to the end of the passwords.  Not as secure, but it should do the trick.

http://userpages.umbc.edu/~mabzug1/cs/md5/md5.asp


Usage:
MD5(message)
'or
MD5(message + someSaltConstant)  'not a true salt, but would make a dictionary attack much less likely, especially if the salt is something like "_a7Qd" or something bizarre.

Here is a list of other sites as well:
http://classicasp.aspfaq.com/components/how-do-i-handle-md5-from-asp.html
0
 
LVL 18

Expert Comment

by:Morcalavin
ID: 22598117
I just tried the above link on my server.  It's actually much faster than I had anticipated, although may not hold up under a lot of stress.
0
 

Author Comment

by:Xcudo
ID: 22603466
Thanks Morcalavin.
Do you happen to know a site where I can find a way to use AES encryption for asp classic ?

Best regards
X
0
 

Expert Comment

by:Suvigya
ID: 22982545
See if this helps..

http://www.rodsdot.com/ee/AES.asp
0
 

Author Comment

by:Xcudo
ID: 22992308
Thanks alot Suvigya for this contribution for my sub question.

Best regards
X
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Asp in server side with Mssql Server 7 4 42
ASP and Looping Thru a XML Document 4 45
ASP Classic Query that needs to display more information 18 48
JQuery on multiple lines 3 44
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question