Microsoft® Visual Basic® .NET Programmer's Cookbook by Matthew MacDonald

Store a Salted Password Hash in a Database

Problem

You want to store password information in a database, but you want to make sure the passwords aren’t clearly visible.

Solution

Instead of storing a plain text password, store a salted hash of the password in the database as a binary field. This password hash is still suitable for authentication, but it is much more difficult for an attacker to reverse engineer.
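The solution above as an added, self-contained example; it is not the book's Visual Basic .NET code. It is written in Python with an in-memory SQLite database standing in for the back-end server. The table layout, function names, PBKDF2-HMAC-SHA256, the iteration count and the salt length are all assumptions, since the page names no algorithm.

```python
import hashlib
import hmac
import os
import sqlite3

# Assumed parameters; the page names no algorithm or sizes.
ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor
SALT_LEN = 16         # bytes of random salt per user


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive the 32-byte salted hash that is stored instead of the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def open_store() -> sqlite3.Connection:
    """Hypothetical schema: salt and hash live in binary (BLOB) columns."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, "
               "salt BLOB NOT NULL, pw_hash BLOB NOT NULL)")
    return db


def register(db: sqlite3.Connection, username: str, password: str) -> None:
    salt = os.urandom(SALT_LEN)  # fresh salt per user, never reused
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               (username, salt, hash_password(password, salt)))


def authenticate(db: sqlite3.Connection, username: str, password: str) -> bool:
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        # Do the same hashing work for unknown users so response time
        # does not reveal which usernames exist.
        hash_password(password, b"\x00" * SALT_LEN)
        return False
    salt, stored = row
    # Constant-time comparison of the recomputed hash with the stored one.
    return hmac.compare_digest(hash_password(password, salt), stored)


if __name__ == "__main__":
    db = open_store()
    register(db, "alice", "correct horse")  # constructed sample credentials
    register(db, "bob", "correct horse")
    print(authenticate(db, "alice", "correct horse"))
    print(authenticate(db, "alice", "wrong guess"))
```
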

Discussion

Many applications authenticate users by comparing a supplied username and password with information stored in a back-end database. Often, the password information is stored in the database as plain text, which raises a serious security risk. If a malicious user can gain access to the database server, even for only a few minutes, the attacker ...