-
Sep 13, 2007, 04:56 AM
#1
encode/decoder algorythm to secure password.
Hi,
I am using vb6 and sql server 2000
I want to design a logon form, in this form how can use Passward field stored encrept form in tbluser table and how can i compared passward text in this table.
pls tell me how can I use encode/decoder algorythm to secure password.
User form codding are :-
Dim sql As String
Dim adcon As ADODB.Connection
Dim rs As ADODB.Recordset
Dim sqldata As String
Private Sub Form_Load()
'get a connection
cmd = "Provider=sqloledb;" & "Data Source=xyz;" & "Initial Catalog=edp07;" & "User Id=sa;"
Set adcon = New ADODB.Connection
adcon.Open cmd
sqldata = "select * from tbluser"
'Set new ADO recordset object
Set rs = New ADODB.Recordset
rs.Open sqldata, adcon, adOpenStatic, adLockOptimistic
End Sub
Private Sub cmdAdd_Click()
'Codding for clear the text box
txtId.Text = ""
txtUser.Text = ""
txtPassword.Text = ""
'txtDId.SetFocus
rs.AddNew
End Sub
Private Sub cmdSave_Click()
rs(0) = txtId.Text
rs(1) = txtUser.Text
'**** I Want to save this field in encrept form in sql server 2000 in table tbluser ! pls help me ****
rs(2) = txtPassword.Text
rs.Update
MsgBox "Entry Saved"
rs.Requery
End Sub
Login form codding are :-
Option Explicit
Dim adcon As ADODB.Connection
Dim rs As ADODB.Recordset
Dim sqldata As String
Dim cmd As String
Public LoginSucceeded As Boolean
Private Sub Form_Load()
'get a connection
cmd = "Provider=sqloledb;" & "Data Source=xyz;" & "Initial Catalog=edp07;" & "User Id=sa;"
Set adcon = New ADODB.Connection
adcon.Open cmd
sqldata = "select * from tbluser"
'Set new ADO recordset object
Set rs = New ADODB.Recordset
rs.Open sqldata, adcon, adOpenStatic, adLockOptimistic
End Sub
Private Sub cmdOK_Click()
'check for correct password
If rs.RecordCount = 0 Then
MsgBox ("No recordset")
Exit Sub
End If
'check for correct username and password
rs.MoveFirst
Do While Not rs.EOF
If txtUserName = RTrim(rs.Fields("name")) Then
'**** I Want to compare encrept data in sql server 2000 in table tbl user! Pls help me ****
If txtPassword = RTrim(rs.Fields("Password")) Then
LoginSucceeded = True
Me.Hide
Form1.Show
End If
End If
rs.MoveNext
Loop
If Not LoginSucceeded Then
MsgBox "Invalid UserName/Password, try again!", , "Login"
txtPassword.SetFocus
SendKeys "{Home}+{End}"
End If
End Sub
Can anyone help?
Thanks.
pawan
-
Sep 13, 2007, 12:47 PM
#2
MSSQL 2000 has a built in encryption algorithm somewhat similar to MD5 which is a one-way hash. Essentially you'll be comparing the password after encryption to the one already stored in the db
storing user password:
insert into tbluser(username,passwordd)
values(@username,pwdencrypt(@passwordparam))
authenticating user password:
if exists(Select * from tbluser where pwdcompare(@passwordparam) = 1 and username =@username)
BEGIN
print 'user authenticated'
END
we could do a bit more to make this a bit more 'secure' but its should accomplish what you want...REMEMBER ITS ONE WAY!!!
Hope you can follow this...it should be common knowledge...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules