Results 1 to 2 of 2

Thread: encode/decoder algorythm to secure password.

  1. #1
    Join Date
    Sep 2007
    Posts
    1
    Rep Power
    0

    Default encode/decoder algorythm to secure password.

    Hi,

    I am using vb6 and sql server 2000

    I want to design a logon form, in this form how can use Passward field stored encrept form in tbluser table and how can i compared passward text in this table.

    pls tell me how can I use encode/decoder algorythm to secure password.

    User form codding are :-

    Dim sql As String
    Dim adcon As ADODB.Connection
    Dim rs As ADODB.Recordset
    Dim sqldata As String

    Private Sub Form_Load()
    'get a connection
    cmd = "Provider=sqloledb;" & "Data Source=xyz;" & "Initial Catalog=edp07;" & "User Id=sa;"
    Set adcon = New ADODB.Connection
    adcon.Open cmd
    sqldata = "select * from tbluser"
    'Set new ADO recordset object
    Set rs = New ADODB.Recordset
    rs.Open sqldata, adcon, adOpenStatic, adLockOptimistic
    End Sub

    Private Sub cmdAdd_Click()
    'Codding for clear the text box
    txtId.Text = ""
    txtUser.Text = ""
    txtPassword.Text = ""
    'txtDId.SetFocus
    rs.AddNew
    End Sub

    Private Sub cmdSave_Click()
    rs(0) = txtId.Text
    rs(1) = txtUser.Text
    '**** I Want to save this field in encrept form in sql server 2000 in table tbluser ! pls help me ****
    rs(2) = txtPassword.Text
    rs.Update
    MsgBox "Entry Saved"
    rs.Requery
    End Sub


    Login form codding are :-

    Option Explicit
    Dim adcon As ADODB.Connection
    Dim rs As ADODB.Recordset
    Dim sqldata As String
    Dim cmd As String
    Public LoginSucceeded As Boolean

    Private Sub Form_Load()
    'get a connection
    cmd = "Provider=sqloledb;" & "Data Source=xyz;" & "Initial Catalog=edp07;" & "User Id=sa;"
    Set adcon = New ADODB.Connection
    adcon.Open cmd
    sqldata = "select * from tbluser"
    'Set new ADO recordset object
    Set rs = New ADODB.Recordset
    rs.Open sqldata, adcon, adOpenStatic, adLockOptimistic
    End Sub

    Private Sub cmdOK_Click()
    'check for correct password
    If rs.RecordCount = 0 Then
    MsgBox ("No recordset")
    Exit Sub
    End If
    'check for correct username and password
    rs.MoveFirst
    Do While Not rs.EOF
    If txtUserName = RTrim(rs.Fields("name")) Then
    '**** I Want to compare encrept data in sql server 2000 in table tbl user! Pls help me ****
    If txtPassword = RTrim(rs.Fields("Password")) Then
    LoginSucceeded = True
    Me.Hide
    Form1.Show
    End If
    End If
    rs.MoveNext
    Loop
    If Not LoginSucceeded Then
    MsgBox "Invalid UserName/Password, try again!", , "Login"
    txtPassword.SetFocus
    SendKeys "{Home}+{End}"
    End If
    End Sub





    Can anyone help?

    Thanks.

    pawan

  2. #2
    Join Date
    Jul 2004
    Posts
    153
    Rep Power
    0

    Default

    MSSQL 2000 has a built in encryption algorithm somewhat similar to MD5 which is a one-way hash. Essentially you'll be comparing the password after encryption to the one already stored in the db

    storing user password:

    insert into tbluser(username,passwordd)
    values(@username,pwdencrypt(@passwordparam))

    authenticating user password:

    if exists(Select * from tbluser where pwdcompare(@passwordparam) = 1 and username =@username)
    BEGIN
    print 'user authenticated'
    END

    we could do a bit more to make this a bit more 'secure' but its should accomplish what you want...REMEMBER ITS ONE WAY!!!

    Hope you can follow this...it should be common knowledge...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •