Hi there,
Currently I working on a project that requires users to enter a username and
password before they can use one of our internal administration system.
The system is built using VB6.0 and SQL server 200o on Windows 2000.
Can someone please suggest a way of encrypting and decrypting the password
so that the passwords can be stored in the databaseCall the Windows Crypto API in the VB6 application.
Lots of information on MSDN.
Pity you are not using .NET as there, it is 100's of times easier to
implement.
Regards
--
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
IM: mike@.epprecht.net
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"Padmini" <Padmini@.discussions.microsoft.com> wrote in message
news:3DB5CD8B-17E8-459E-9CD8-331952A8FD90@.microsoft.com...
> Hi there,
> Currently I working on a project that requires users to enter a username
> and
> password before they can use one of our internal administration system.
> The system is built using VB6.0 and SQL server 200o on Windows 2000.
> Can someone please suggest a way of encrypting and decrypting the password
> so that the passwords can be stored in the database|||Don't store the password in the database. Password recovery mechanisms are
inherently insecure. Instead store a secure hash, including salt. The MS
crypto API provides the tools you need.
David Portas
SQL Server MVP
--|||are there any code examples of doing this anywhere?
"David Portas" wrote:
> Don't store the password in the database. Password recovery mechanisms are
> inherently insecure. Instead store a secure hash, including salt. The MS
> crypto API provides the tools you need.
> --
> David Portas
> SQL Server MVP
> --
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment