1

I am working on a legacy .NET application that provides a desktop client for accessing a MySQL database. It's written in VB.NET and uses WinForms for entering data into and retrieving data from the database.

I need to extend the software to add user accounts and roles so that the client can control which users have access to the data.

This must have been common in the past, but I can't find documentation for this that is isn't part of the ASP.NET web framework and I can't see how to move forward. Is there a recommended approach in .NET for doing this?

isedwards
  • 2,429
  • 21
  • 29
  • 1
    Recommended: is not to store password at all – Rahul Feb 05 '19 at 10:08
  • No, if you really have to then hash the password and then store the hash rather and not the actual password – Rahul Feb 05 '19 at 10:19
  • @Rahul I've edited to say hashed passwords. If I intended to store the passwords as plain text then I wouldn't have needed to ask the question! – isedwards Feb 05 '19 at 10:25
  • @Rahul if this is a duplicate then can you provide a link? (Or remove the duplicate label) – isedwards Feb 05 '19 at 10:34
  • 2
    Duplicate question link already present in the dupe banner. For your reference https://stackoverflow.com/questions/1054022/best-way-to-store-password-in-database – Rahul Feb 05 '19 at 10:53
  • 1
    I have heard that Bcrypt is good. I believe there is a Nuget. – Mary Feb 05 '19 at 21:31

0 Answers0