am working on a new site and i want to do tothings for security1. I want to encrypt the password of the user who register on my site and also decrypt it to enable him in login again.2. I will make an online exams so I want to disable the user functions to hack the exams materials such as (print page, print screen , or even selecting data manual by mouse )I googled a lot about this matter I found java scripts to make this but what about the users who will disable scripts on their browsers. So I want to do this with C# Code.
I am using asp.net website , now when a user creates new account his password must be saved in hashes , or gets encrypted and submits in database , next time when he login , my application fetch password from encrypted field , then decrypt it and match with the user entered password , if that's ok , page will be redirected to some other pages ... how to do that task ??
I'm teaching myself ASP.net. I'm creating an application that needs to store sensitive data. So, I found the following Blog to encrypt and decrypt data.
I'm sure it's my app, but I wanted to make sure I'm not missing anything obvious. For some reason, my app and Encryptor only works when I pass < then 7 characters. If a pass 8, it doesn't commit to the database. If I remove Encryptor, the app will store
I have a HyperLink column in a gridview that when clicked should navigate the user to another page. I pass parameters to the page using a querystring. i want to encrypte the querystring when it passed to another page
I have an asp.net site running on XP IIS just fine, with login using aspnetdb. However, I wrote a page that has a datasource that connects to the same db, with a gridview that displays users. I've done this before on 2003 server iis 6 no problem. Here I get,
Cannot open user default database. Login failed.Login failed for user (domainusername)This is the identity I set in IIS 6.0 under authentication methods for anonymous access. I had to do this because the site connects to a remote accessdb as well. I cant use a local account or aspnet account.I dont understand how I can use the same site to login and out, but not to access this page.This is my asp.net conection string
data source=.SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;user instance=true
Thats what the data source uses.Go figure when I remove and add again integrated security true, I can see the page. WHY I DONT KNOW!!!! But I also call membership.deleteuser() with a delete button, NOW THIS FAILS!Cannot open user default database. Login failed.Login failed for user '(computername)ASPNET'.
There seems to be something wrong with the create user wizard?I am using hashed password storage. When I change it to clear storage I see the user's password is being stored as something completly different than what they typed in.Example: changeme1 now equates to something like: 4W*KQQ4%=SIf I use 4W*KQQ4%=S as the password to login with it works but changeme1 does not.When I use the reset password wizard it updates the password just fine and it works when I login next.Any clues what could be causing this?
I have successfully created a SQL Server database that is holding the ASP.NET Membership data for my site. I have also created two textboxes and used them for user authentication after he/she keys in a user name and password. I would now like encrypt the password before comparing to the value stored in the Password field of the SQL Server database. However, I have been unable to do this so far.I have consulted the MSDN page for the embershipProvider.EncryptPassword method but I do not understand how to implement it. I have also tried searching Google for this method but I have only found a couple of examples and I don't understand those either.
This is my first membership provider; I converted the sample provider [URL] to SQL. I created a vb class provider and put it into the App_Code folder. After it was created I tried to modify my webconfig but the error pops up. I don't know what else to try, I don't know if I have missed something
I had been trying to solve this but there is a hidden key i wish someone point me to.
I had a simple membership database with users in first the Membership Provider configured for clear password to retrieve the original password .
Now a new requirement say that the password must be hashed and reset .
I configure the Membership password to hash , and Implemented the Reset Password Module.
My problem is as follow.
If the user is new registered user with the new configuration the password and the security answer is hashed.
also when I go and reset the password it continue to be hashed.
Now I thought that with new configuration if any previous user with clear text configuration , If he use the password Reset module , because my configuration now is hashed , I expected that the new password and security answer will be hashed . what happen is old user continue in clear text even if the configuration is hashed. so If I had new users everything is fine.
old users Membership Provider somehow know they had been stored in clear text and it keep change password and security answer in clear text . If I delete this user and create it , Membership Provider understand that everything will be hashed. I need to know how it know this , I need to migrate users not to delete and recreate users .
Also if there are no solution for that , I wish Microsoft Consider it in future cause it is a real user scenario, that can happen imagine a business system that related to membership user Id , deleting users and recreate them is not a solution .