Manas: Thank you for your help. I was able to find informaiton on the MD5 routine doing a web-search.
Thanks for pointing me in the right direction. I appreciate the help. Andy ----- Original Message ----- From: "Manas Tungare" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, August 30, 2004 3:55 PM Subject: Re: [ASP] Password Enctryption > Andy and Kim Mills wrote: > > I was wondering how you encrypt a password in a database, and how do > > you check that encrypted password using a login screen from ASP? > > The best way is to use one-way hash algorithms (e.g. MD5). You would > hash the password before storing it in your database. When a user > tries to log in, you would hash the password entered, and compare the > two hashes. (Notice that the security stems from the fact that you > cannot unhash it.) > > This also means that you cannot let users "retrieve lost passwords". > All you can do is to assign them a new password if they lost theirs. > This is also nice because even the administrator does not know the > password which is often used for other sites. > > -- > Regards, > Manas. ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/17folB/TM --------------------------------------------------------------------~-> --------------------------------------------------------------------- Home : http://groups.yahoo.com/group/active-server-pages --------------------------------------------------------------------- Post : [EMAIL PROTECTED] Subscribe : [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] --------------------------------------------------------------------- Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/active-server-pages/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
