Home/ Questions/Q 3976846
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T04:51:12+00:00

I have user table in SQL Server 2008 r2. Nothing there is encrypted yet

  • 0

I have user table in SQL Server 2008 r2. Nothing there is encrypted yet but I would like to at the least encrypt the passwords until the app is ready that will handle this better. Can i do this and how? to manually make the passwords encrypted.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You should not encrypt passwords if your only task is to verify that the password the user entered is correct. You should hash them instead. You could use any algorithm to hash them, but I recommend using MD5 because it is very secure.1 🙂

    for example:

    public string EncodePassword(string originalPassword)
{
//Declarations
Byte[] originalBytes;
Byte[] encodedBytes;
MD5 md5;

//Instantiate MD5CryptoServiceProvider, get bytes for original password and compute hash    (encoded password)
md5 = new MD5CryptoServiceProvider();
originalBytes = ASCIIEncoding.Default.GetBytes(originalPassword);
encodedBytes = md5.ComputeHash(originalBytes);

//Convert encoded bytes back to a 'readable' string
return BitConverter.ToString(encodedBytes);
}

    1 Edit (not original answer author): MD5 for passwords is considered insecure and more robust algorithms should be used. You should do research into the contemporary algorithms at the point of reading this. This post might be a good starting point.

    • 0