Comparing Hashed password field with clear text.

     I am trying to hash password field and then comparing it.  I updated table as shown below.  But when i try to compare and find the password that matches wtih the password i have entered. No result. What is wrong with tihis?
     Thanks in advance.

Table column description :
pass      varbinary(256)      Unchecked

Update Pass field :
update Tab_Users set Pass = HashBytes('SHA1', '1234567') where  UserId = 10

After update here is the pass :
SELECT pass FROM Tab_Users  where  UserId = 10

Compare pass  field :
where pwdcompare(HashBytes('SHA1', '1234567'),pass) = 1 AND UserId = 10
Who is Participating?
Ryan McCauleyConnect With a Mentor Data and Analytics ManagerCommented:
PWDCOMPARE is used to compare SQL Server login passwords, not custom hashed application passwords. Since you're comparing the hashes, you don't need it. Change that last select to this:

SELECT * FROM Tab_Users 
where HashBytes('SHA1', '1234567') = pass and UserId = 10

Open in new window

And you'll get what you're looking for.
Hi, you could create a test user and delete it, just when you are comparing the password ;-)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.