Best Way to Store Password using C# and MySql

Question

Possible Duplicate:
How to best store user information and user login and password
Best way to store password in database

I'm looking for the best methods to securely store passwords on a web-based application using C# and MySql.

I'd love any advice on the best way to implement this, if there are existing dll's i can tap into or things already built into the .net framework.

Also - i'm looking for the way to best store the password while following PCI compliance rules.

Thanks very much... Loren

http://stackoverflow.com/questions/1054022/best-way-to-store-password-in-database — NIlesh Sharma, Sep 11 '12 at 19:03

score 3 · Answer 1 · answered Sep 11 '12 at 19:04

3

asp.net has it's own Membership class and it can do a lot of the work for you.

answered Sep 11 '12 at 19:04

I don't know who marked you down, but .Net "Membership" is a good suggestion! IMHO... – paulsm4 Sep 11 '12 at 20:02

score 2 · Accepted Answer · answered Sep 11 '12 at 19:03

2

Never store the passwords themselves. Salt and hash them before storing.

answered Sep 11 '12 at 19:03

Keith Randall

2 Answers2