Results 1 to 10 of 10

Thread: Encrypt Password in Database

  1. #1

    Thread Starter
    Hyperactive Member
    Join Date
    Aug 2004
    Posts
    344

    Encrypt Password in Database

    I have make a login which stores the password in a access database. How can I encrypt the password in the database so no one can just open the database and see? Possible to encrypt to something like this ***** (see attach)? Please advice...
    Attached Images Attached Images  
    Last edited by weisi; Apr 13th, 2006 at 02:50 AM.

  2. #2
    Hyperactive Member
    Join Date
    Feb 2003
    Location
    Grenada
    Posts
    346

    Re: Encrypt Password in Database

    The best thing to do is have all your encryption done within your program, and then store the encrypted result in the database.
    So when the user types a password to login, you see if the encryption for the entered password matches the stored one...
    If my post has been helpful, then please rate it accordingly...
    If it has solved your question(s), then don't forget to mark the thread as "[Resolved]"... thank you.

  3. #3
    VB Guru ganeshmoorthy's Avatar
    Join Date
    Dec 2005
    Location
    Sharjah, United Arab Emirates
    Posts
    3,031

    Re: Encrypt Password in Database

    for a simple encryption
    you can add some values to your ascii value of the password chars and save it in the db...i.e. if your pwd is password then add 250 to each chr and when you read it minus this value....you can have it in a loop
    VB Code:
    1. For i = 0 to Len (strPwd)
    2.     sEncPwd = sEncPwd & Chr (Asc (Mid (strPwd, i, 1)) + 50)
    3. Next
    4. For i = 0 to Len (strPwd)
    5.     sDecPwd = sDecPwd & Chr (Asc (Mid (strPwd, i, 1)) - 50)
    6. Next
    If an answer to your question has been helpful, then please, Rate it!

    Have done Projects in Access and Member management systems using BioMetric devices, Smart cards and BarCodes.


  4. #4

    Thread Starter
    Hyperactive Member
    Join Date
    Aug 2004
    Posts
    344

    Re: Encrypt Password in Database

    Is there other ways of encrypting the database?

  5. #5
    old fart Frans C's Avatar
    Join Date
    Oct 1999
    Location
    the Netherlands
    Posts
    2,926

    Re: Encrypt Password in Database

    If you set the inputmask to Password, MS Access will show the text as asterisks.
    This is not very secure, because when you read the data with another application the value is still readable.
    Also the inputmask can be removed by anybody with the proper permissions, and everything is readable again.
    Frans

  6. #6
    VB Guru ganeshmoorthy's Avatar
    Join Date
    Dec 2005
    Location
    Sharjah, United Arab Emirates
    Posts
    3,031

    Re: Encrypt Password in Database

    Is there other ways of encrypting the database?
    what do you mean...password or database
    If an answer to your question has been helpful, then please, Rate it!

    Have done Projects in Access and Member management systems using BioMetric devices, Smart cards and BarCodes.


  7. #7
    PowerPoster
    Join Date
    Feb 2002
    Location
    Canada, Toronto
    Posts
    5,794

    Re: Encrypt Password in Database

    Quote Originally Posted by weisi
    Is there other ways of encrypting the database?
    Just hash the password, and store it hashed

  8. #8

    Thread Starter
    Hyperactive Member
    Join Date
    Aug 2004
    Posts
    344

    Re: Encrypt Password in Database

    Quote Originally Posted by CVMichael
    Just hash the password, and store it hashed
    Any exampes that you can show me please?

  9. #9
    Addicted Member
    Join Date
    Mar 2006
    Posts
    186

    Re: Encrypt Password in Database


  10. #10
    PowerPoster
    Join Date
    Feb 2002
    Location
    Canada, Toronto
    Posts
    5,794

    Re: Encrypt Password in Database

    You have to store the password hashed.
    Hashing is one way encryption. That means that it cannot be decrypted.

    In order to check if the password is valid you have to check the encrypted results.

    Using MD5 you can get the hash like this
    VB Code:
    1. Dim MD5 As New clsMD5
    2.  
    3. hash_password = MD5.DigestStrToHexStr("test1")

    To give you an example on how to do it, add the log in form that comes with VB, and change the code in the cmdOK_Click to this:
    VB Code:
    1. Private Sub cmdOK_Click()
    2.     Dim MD5 As New clsMD5
    3.     Dim DB_Password As String
    4.     Dim SQLRequest As String
    5.    
    6.     SQLRequest = "SELECT Hash_Password FROM table_users WHERE UserName = '" & Me.txtUserName.Text & "'"
    7.    
    8.     ' execute the SQL statement
    9.     ' set the DB_Password variable to the hashed password in the database
    10.    
    11.     DB_Password = "5A105E8B9D40E1329780D62EA2265D8A"
    12.    
    13.     If MD5.DigestStrToHexStr(txtPassword.Text) = DB_Password Then
    14.         Form1.Show
    15.         Unload Me
    16.     Else
    17.         MsgBox "Invalid Password, try again!", , "Login"
    18.         txtPassword.SetFocus
    19.         SendKeys "{Home}+{End}"
    20.     End If
    21. End Sub
    I did not do the code to retrieve the password from the database, because I don't know how you do it, I don't know the table name, and field names.
    Attached Files Attached Files

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width