encrypting password

i am about to make a 'log in' for my app and was wondering what is the best way to encrypt a password for my user that i will enter in my database ? I found many way on Google but don't know which is the best ..

Answers


I would go with a one way salted hash.

Using a SHA1 hash for example, you would have a way to store the password as a hash which cannot be reversed back to the original password. Then when the user enters his/her password you perform the same SHA1 hash on the password and compare that hash with what you have stored in the DB, if they match then the password is correct.

To further secure the hashing, you can add a salt, this is essentially a randomly generated value that you generate for each user then you create the account, and store the salt value in the user record. When you create the hash of the password, you first combine the password with the salt and hash this combined value. To authenticate the user you combine the entered password with the salt stored for the user, perform the hash on the combined value and compare.

By adding the salt to the mix, you ensure that the hash for passwords that happend to be the same have a different hash because the salted portion differs. So if two users have the same password "Password1234", the stored hash for the two will not be the same so it cannot be determined that two users have the same password.


Need Your Help

How to resolve refactoring done in Xcode with Mercurial

xcode mercurial refactoring

I have some files I started to refactor in an iOS project. I did the refactoring through Xcode and when I ran "hg status" it shows a bunch of new and deleted files (as expected). What I'm trying to

How to let C# designer edit my struct property?

c# struct properties designer

I am creating a custom Windows Forms control in C# with several custom properties. One of those properties is a simple struct with several integral fields:

Slider menu View issue

android view slider viewgroup android-sliding

I have implemented a ListView with headers from sqlite in a separate project which is like this:

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.