January 14, 2003 at 1:44 pm
I have a table that stores passwords for a web app. Is it possible to obfuscate them from viewing?
January 14, 2003 at 2:06 pm
Sure. Not that secure, but easy to do. Want something simple? Roll the letters, replace A with F, B with G, etc.
Or add some # to the ASCII() value of the letters.
More complicated? See the xp_crypt proceedures on this site.
Steve Jones
January 14, 2003 at 3:05 pm
I suggest using a known encryption method with high reliability such as 3DES. CAPICOM is a free set of APIs from MS that supports various crypto formats including certificates. Check out
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/intcapicom.asp
January 14, 2003 at 3:09 pm
Thanks Antares, I have built my own encryption dll that wraps the crypto api's
from MSFT, but I believe I will probably switch to theirs as it supports
signatures, and I did not have time to implement that. Just finished bookmarking that URL.
Tim C.
//Will write code for food
One Windows to rule them all, One Windows to find them,
One Windows to bring them all and in the darkness bind them
In the Land of Microsoft where the Shadows lie.
Tim C //Will code for food
January 14, 2003 at 3:19 pm
Also, if going to store passwords I suggest using one way encryption of item agaists itself as encryption key as you do not leave potiential keys like this in your source code.
Viewing 5 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply