Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am working on a web based application that will need to store usernames and passwords. Account information will be needed to perform secondary authentication on behalf of users so I can’t simply store usernames and passwords using one-way hashing with salt etc.
Assuming that my basic requirement can’t change, any suggestions on how to handle the storage of these accounts? Symetric Encryption using the machine key? Using a random key in web.config? Using SQL based encryption?
Why don’t you use the builtin MembershipProviders? http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx