0

I have a database of logins and passwords. I wouldn't like that anyone who has access to the database can see everybody's password. How can I encrypt the passwords in the database?

In other words, I want the fields pwd (password) to be encrypted in the database but it is automatically decrypted when I enter it in the LoginForm.

I have found a method that encrypt the strings input but it doesn't solve my issue.

static string Encrypt(string value)
{
    using (MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider())
    {
        UTF8Encoding utf8 = new UTF8Encoding();
        byte[] data = md5.ComputeHash(utf8.GetBytes(value));
        return Convert.ToBase64String(data);
    }
}

private void BtnEncrypt_Click(object sender, EventArgs e)
{
    if (string.IsNullOrEmpty(txtPass.text))
    {
        MessageBox.Show("Please enter your password !");
    }
    texResult.Text=Encrypt(txtPass.Text);
}

Please, can somebody help me.
Thanks in advance.

Manfred Radlwimmer
  • 13,257
  • 13
  • 53
  • 62
Yosra Chourou
  • 73
  • 8
  • 4
    MD5 is not the most secure way to do this tho. I believe there are tons of online decrypt websites to decrypt md5 strings. – Robbert May 11 '16 at 09:57
  • Passwords are only one direction (encrypt). You can't take an encrypted password and get the un-encrypted password. You have to store in the database both the password and the encrypted password in the database. – jdweng May 11 '16 at 09:58
  • Dont use MD5, it'd be _very fast_ to brute force your PW hashes. Use something like `PBKDF2` or `bcrypt` which are much slower. – DGibbs May 11 '16 at 10:00
  • Store only encrypted password in database. Then, when user is trying to log in, encrypt txtPass.text and compare it with database. – Vegz May 11 '16 at 10:02
  • @jdweng If I store both(password and encrypted password) the issue isn't solved , we can see the password when I have acess to DB. – Yosra Chourou May 11 '16 at 10:02
  • 4
    Why do you need to decrypt passwords? You can encrypt the input login details and compare the encrypted output strings. – Chaos Legion May 11 '16 at 10:04
  • @KunalChitkara How can I do It , Please ?? – Yosra Chourou May 11 '16 at 10:11
  • if the un-encrypted password is in a table with credentials that limits people who can see the password then you issue is solved. – jdweng May 11 '16 at 10:24
  • Added as an answer – Chaos Legion May 11 '16 at 10:34

4 Answers4

1

You can Encrypt your password using your Encrypt function and store the Encrypted password in your database. But Decrypting the password, is not a good option. Password Encryption should be one way.

To check whether the password is available in your database, you can Encrypt the password entered by user by using the same Encrypt function, then match that Encrypted password to encrypted password you have in your database.

Thanks

Sam
  • 2,935
  • 1
  • 19
  • 26
Saadi
  • 2,211
  • 4
  • 21
  • 50
1

It is easy to muddle encryption with hashing. What you are asking about is encryption - encryption lets you turn your password into an apparently random sequence of characters which can then be decrypted to get the original password back. What you should be using (and some have suggested) is hashing.

There are lots of examples of how to do encryption/decryption on the net, just search. This is the first one that came up for me: http://www.codeproject.com/Articles/14150/Encrypt-and-Decrypt-Data-with-C Tempting as it is to copy and paste the code from there, I won't because this isn't what you should be doing. For storing user passwords in a database it is much better to use password hashing (with salt) than to store encrypted passwords. Why? because then if your system is hacked it is impossible for an attacker to recover people's passwords - all your accounts might still be compromised but given that people often use the same password for more than one system you won't be compromising your users.

A hash is a one way function, so you can't get the original password back. When someone wants to login you simply generate a hash and then compare it with the one you have stored in the database. If you want to read more about this and why you should be using it then this is a good start: https://crackstation.net/hashing-security.htm If you would like to jump in and get some working code then have a look at Hash and salt passwords in C#.

Community
  • 1
  • 1
Brian Cryer
  • 2,126
  • 18
  • 18
0

You can use any complex cryptography technique to encrypt a password and send the password key to be saved in database for corresponding user. Now when the client tries to login and enters password, sends it to server.

From the server you can again convert the login details and compute the hash and finally send to a stored procedure to compare. If the two strings match, you return true else false as for authentication.

using System.Security.Cryptography;
...
...
...
private const string _alg = "HmacSHA256";
private const string _salt = "rz8LuOtFBXphj9WQfvFh"; // Generated at https://www.random.org/strings

public static string GenerateToken(string username, string password)
{
    string hash = string.Join(":", new string[] { username, password });

    using (HMAC hmac = HMACSHA256.Create(_alg))
    {
        hmac.Key = Encoding.UTF8.GetBytes(GetHashedPassword(password));
        hmac.ComputeHash(Encoding.UTF8.GetBytes(hash));

        hash = Convert.ToBase64String(hmac.Hash);
    }

    return Convert.ToBase64String(Encoding.UTF8.GetBytes(hash));
}

public static string GetHashedPassword(string password)
{
    string key = string.Join(":", new string[] { password, _salt });

    using (HMAC hmac = HMACSHA256.Create(_alg))
    {
        // Hash the key.
        hmac.Key = Encoding.UTF8.GetBytes(_salt);
        hmac.ComputeHash(Encoding.UTF8.GetBytes(key));

        return Convert.ToBase64String(hmac.Hash);
    }
}
Chaos Legion
  • 2,730
  • 1
  • 15
  • 14
  • No, it is not. It is a constant value in the source code here, but it should be unique for EVERY user, so that when users A and B choose the same password the hashed passwords would still be different. – 1615903 May 12 '16 at 04:52
  • The hash is a combination of username, password and salt. Assuming every username is unique in database, which it usually is, no two users can ever have same hashed password. – Chaos Legion May 12 '16 at 04:55
0

MD5 is not secure anymore.

When a user register to use your application, hash the password with SHA512 bit with salt. You can find like PWDTK nuget package which we can easily use. Password is what we don't need to know what it means but just plays a secure role. Like some person commented above, when the user try to log-in after user registration, just encrypt the user's input(password) and compare it with that registered in SQL database. Password must be one-way.

After the login result comes up success or fail, the role of password is finished.

As of Winform cases, you need to deeply consider to secure the connectionstring to connect to SQL database. One possible option might be WCF middleware between Winform application and SQL database.

And for last but very importantly, you must use SSL for secure communication.
It seems you might consider these at later stages.

Kay Lee
  • 922
  • 1
  • 12
  • 40