I want to save userid and password in a MySQL database for my WinForms project. One of my friends told me that this is not secure; I should encrypt and save that. I don't know about encryption.
How can I do this?
Usually passwords are not stored in the database at all. Instead, a hash of the password is stored. You can take a look at the SHA256 class, for example.
There are plenty of articles on the web on how to hash passwords.
For example, Storing Passwords - done right!
Note that your friend is telling you to encrypt it, which is different from storing a hash (computed using a cryptographic hash function) in the table.
If you encrypt and store it, you will be able to retrieve the password if you have the key.
If you store a secure hash of a password, you can tell if a string is the same as the password or not by hashing the string and comparing it with the hash in the table.
I did a search and found this answer from another SO question which explains in greater detail why you should be using a hash (of a secure variety) as opposed to encrypting the password.
Last but not least, whether encrypting or secure hashing, be sure to use publicly tested libraries and not to "roll your own".