jeremy159101
asked on
How would I store peoples passwords
I want to make an online game but one problem I see coming is storing peoples passwords.
I'm hoping there is some service that could store them for me or do I have to learn how to encrypt passwords?
I'm more or less against storing peoples passwords on my computer because two things. One that sounds illegal if done wrong and two I most likely couldn't do it right to be safe.
The main reason I don't want to store peoples passwords on my computer is also, I want people to trust giving their password out to my game.
last thing, I am fine will learning a new API.
But I will be coding in C#
I'm hoping there is some service that could store them for me or do I have to learn how to encrypt passwords?
I'm more or less against storing peoples passwords on my computer because two things. One that sounds illegal if done wrong and two I most likely couldn't do it right to be safe.
The main reason I don't want to store peoples passwords on my computer is also, I want people to trust giving their password out to my game.
last thing, I am fine will learning a new API.
But I will be coding in C#
Yes, you store a hash of the password in the database, and then when you do your authentication check you're basically just checking to make sure that the hashes match. Your code to generate a hash might look like this.
public static string getMD5(string text)
{
using (MD5 md5Hash = MD5.Create())
{
string hash = getMD5Hash(md5Hash, text);
return hash;
}
}
public static string getMD5Hash(MD5 md5Hash, string input)
{
//convert input string into a byte array and compute the hash
byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input));
//collect bytes and create a string
StringBuilder sBuilder = new StringBuilder();
//;loop through each byte and formate each one as a hex string
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
return sBuilder.ToString();
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Using Facebook or Twitter seems like the best and easiest idea.
Thank you
Thank you
On the one side it absolves you from the responsibility of storing login info or any more private info, on the other side you give facebook and/or twitter a further info about their users using your game.
It's quite normal to offer login with facebook if you offer your game on the facebook platform. In the same way as a sign-in to Google Play Games Services for an Android game. If you choose such an option, choose one, that fits.
Bye, Olaf.
It's quite normal to offer login with facebook if you offer your game on the facebook platform. In the same way as a sign-in to Google Play Games Services for an Android game. If you choose such an option, choose one, that fits.
Bye, Olaf.
You store a hash of the salted (one salt per user) password.
As it is about an online game, does this mean ASP.NET? Then take a look at the default membership provider.