Appendix . How To: Use Forms Authentication with SQL Server 2000

Web applications that use Forms authentication often store user credentials (user names and passwords) together with associated role or group lists in Microsoft® SQL Server™ 2000.

This How To describes how to securely look up user names and validate passwords against SQL Server 2000. There are two key concepts for storing user credentials securely:

  • Storing password digests. For security reasons, passwords should not be stored in clear text in the database. This How To describes how to create and store a one-way hash of a user’s password rather than the password itself. This approach is preferred to storing an encrypted version of the user’s password in order to avoid the key management ...
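A sketch of the digest approach described above, as an added example that is not code from the book. It assumes PBKDF2 (`Rfc2898DeriveBytes` with SHA-256, .NET Framework 4.7.2 or later) as the one-way function and a random salt for each user, and it uses an in-memory dictionary as a stand-in for a SQL Server table with hypothetical columns `UserName`, `Salt`, `PasswordHash` and `Iterations`.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example: the Dictionary stands in for a SQL Server user table
// (hypothetical columns: UserName, Salt, PasswordHash, Iterations).
static class PasswordStore
{
    // Assumed parameters, not values taken from the page.
    const int SaltBytes = 16, HashBytes = 32, Iterations = 100000;

    sealed class Row { public byte[] Salt; public byte[] Hash; public int Iterations; }

    static readonly Dictionary<string, Row> Users =
        new Dictionary<string, Row>(StringComparer.OrdinalIgnoreCase);

    // One-way derivation: the stored digest cannot be turned back into the password.
    static byte[] Derive(string password, byte[] salt, int iterations)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, iterations, HashAlgorithmName.SHA256))
            return kdf.GetBytes(HashBytes);
    }

    public static void Register(string user, string password)
    {
        var salt = new byte[SaltBytes];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        // Only the salt, digest and iteration count are stored, never the password.
        Users[user] = new Row { Salt = salt, Hash = Derive(password, salt, Iterations), Iterations = Iterations };
    }

    public static bool Verify(string user, string password)
    {
        Row row;
        if (!Users.TryGetValue(user, out row)) return false;
        byte[] candidate = Derive(password, row.Salt, row.Iterations);
        // Compare every byte so timing does not reveal where the digests differ.
        int diff = candidate.Length ^ row.Hash.Length;
        for (int i = 0; i < candidate.Length && i < row.Hash.Length; i++)
            diff |= candidate[i] ^ row.Hash[i];
        return diff == 0;
    }

    static void Main()
    {
        Register("alice", "correct horse battery staple"); // constructed sample data
        Console.WriteLine(Verify("alice", "correct horse battery staple"));
        Console.WriteLine(Verify("alice", "wrong password"));
        Console.WriteLine(Verify("bob", "anything"));
    }
}
```

Against a real database, the lookup in `Verify` would be a parameterized query that returns the salt, digest and iteration count for the supplied user name.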

Get Building Secure Microsoft® ASP.NET Applications now with the O’Reilly learning platform.
