Wednesday, 30 March 2011

How to Encrypt the Password and Store it in the Database


Introduction- In the below article I am going to explain how we can encrypt the password and store it in the database. For the storage of the encrypted password I am using varbinary datatype.

Implementation- create a website , add page named encryptedpwd.aspx. place five textboxes named name_txt, address_txt, contact_txt, username_txt, password_txt and a button named submit_button.
Then open the sql server database and create a table named tb_info in your database according to the format that is given below:


Column name                             Datatype
id                                                 int(set auto increment yes)
ename                                          varchar(50)
eaddress                                      varchar(200)
econtact                                       varchar(50)
eusername                                    varchar(50)
epassword                                   varbinary(100)

Database Script for a table tb_info

SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
IF NOT EXISTS (SELECT * FROM sys.objects WHERE object_id = OBJECT_ID(N'[dbo].[tb_info]') AND type in (N'U'))
BEGIN
CREATE TABLE [dbo].[tb_info](
[id] [bigint] IDENTITY(1,1) NOT NULL,
[ename] [varchar](50) NULL,
[eaddress] [varchar](200) NULL,
[econtact] [varchar](50) NULL,
[eusername] [varchar](50) NULL,
[epassword] [varbinary](100) NULL
) ON [PRIMARY]
END

Code fo rencrypted.aspx.cs Page

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Collections;
using System.Globalization;
public partial class passwordencryption : System.Web.UI.Page
{
SqlConnection con = new SqlConnection();


protected void Page_Load(object sender, EventArgs e)
{

}
protected void btn_submit_Click(object sender, EventArgs e)
{
con.ConnectionString = ConfigurationManager.ConnectionStrings["cnn"].ConnectionString;
con.Open();
SqlCommand cmd = new SqlCommand();
//see the insert query, in the insert query i am using "EncryptByPassPhrase('12',@password))"
//This is for the encryption of the password
cmd.CommandText = @"INSERT INTO tb_info(ename,eaddress,econtact,eusername,epassword)
VALUES(@ename,@eaddress,@econtact,@eusername,EncryptByPassPhrase('12',@epassword))";
cmd.Connection = con;
cmd.Parameters.AddWithValue("@ename",name_txt.Text);
cmd.Parameters.AddWithValue("@eaddress", address_txt.Text);
cmd.Parameters.AddWithValue("@econtact", contact_txt.Text);
cmd.Parameters.AddWithValue("@eusername", username_txt.Text); // to store data in the varbinary datatype, there is a need to convert it into the byte[]array
// below i mentioned the method to convert the string data into the byte[] array
string pwd = password_txt.Text;
System.Text.ASCIIEncoding encryptpwd = new System.Text.ASCIIEncoding();
byte[] bpwdArray = encryptpwd.GetBytes(pwd);
cmd.Parameters.AddWithValue("@epassword", bpwdArray);
cmd.ExecuteNonQuery();
cmd.Dispose();
con.Close();
name_txt.Text = "";
address_txt.Text = "";
contact_txt.Text = "";
username_txt.Text = "";
password_txt.Text = "";

}
}
Conclusion
Through this article, you have learned how we can play encrypt the data and store it in the sql server after encryption. To learn how to decrypt the password, see my next article.

Posted by at

8 comments:

  1. Bhavik KaPatel16 February 2012 at 02:01

    I did this but on running this website i got an error message like as follows "An attempt was made to access a socket in a way forbidden by its access permissions." Please help me out.

    Thank you in advance.

    ReplyDelete
  2. MER HARDIK22 February 2012 at 21:36

    this may happen because you may not be login from administarer account in your windows. make sure you are logged in from administrator account not from admin account. Or change role of your user account from sql server management studio as all assistance roles enable fully. hope this will solve this problem

    ReplyDelete
  3. Unknown30 August 2012 at 01:49

    To learn more on Password Encryption in .Net with C# Examples and VB.Net Examples
    In this Example we use MD5 algorithm. Means Encrypt password using MD5 algorithm.
    Visit this link.

    http://jayeshsorathia.blogspot.com/2012/08/net-tips-password-encryption-in-net.html

    ReplyDelete
  4. Anonymous31 May 2017 at 00:47

    Very useful and interesting information you have been posted. This post is useful for people. We also provide below trainings

    Software Testing Courses
    Online Testing Courses in Hyderabad
    Dot Net Training in Hyderabad
    Selenium Online Training in Hyderabad
    Online Loadrunner Training
    Online Automation Testing Courses
    Sql Dba Training In Hyderabad

    ReplyDelete
  5. varun sharmaa5 March 2018 at 08:54




    AWS Training in HRBR Layout
    AWS Training in Kalyan Nagar
    Best AWS Training Institute in kalyan Nagar Bangalore
    AWS Training in HRBR Layout
    AWS Training in Kalyan Nagar
    Best AWS Training Institute in kalyan Nagar Bangalore

    ReplyDelete
  6. Anonymous29 January 2019 at 01:54

    Digital Marketing Hyderabad

    ReplyDelete
  7. Ranjith2 January 2021 at 08:26

    I am really enjoying reading your well written articles. It looks like you spend a lot of effort and time on your blog. I have bookmarked it and I am looking forward to reading new articles. Keep up the good work..



    python Training in chennai

    python Course in chennai

    ReplyDelete
  8. lakshmi2 September 2022 at 00:06

    Thanks for the valuable article. It is extremely useful
    visit us: -Swhizz

    Key technologies for your career :-
    Salesforce
    Devops
    Seo
    Aws
    Java
    Testing

    ReplyDelete

Subscribe to: Post Comments (Atom)