Encripted password

  • Thread starter Thread starter Dino M. Buljubasic
  • Start date Start date
D

Dino M. Buljubasic

I am storing encrypted password in registry and using it then to log on my
application. However, my objConn.Open(str_connecton_string) crashes the
application if I use the encrypted password.

My connection string works fine with an unencrypted password and looks like:

str_connection_string = "data source=XXXX;initial catalog=dbname;user
ID=username;password=encryptedpassword;connection timeout = 5"

Any help will be appreciated.
 
Hi Dino,
I hope you are decrypting the password before sending it to the database.

Cheers
Benny
 
Hello,

Dino M. Buljubasic said:
I am storing encrypted password in registry and using it
then to log on my application. However, my objConn.
Open(str_connecton_string) crashes the application if
I use the encrypted password.

Decrypt the password before passing it to the 'Open' method.

Regards,
Herfried K. Wagner
 
Hi Herfried,

I will check if there is a way to decript it. I am using MD5 and as I know
it is one way encryption, did not know I can decrypt it, too.

However, I am not decripting the passwords when I get them from database and
everything works just fine. The problem is when I get the encrypted
password from the registry only.

Regards,
 
You cannot decrypt MD5 hashes. When you use MD5, you produce a hash, which
is irreversible.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

"Maybe it's a game called 'Punish the User'"
 
Hello,

Dino M. Buljubasic said:
Yes, I found it out, too.

A hast can not be decrypted. So, any idea how to solve
the problem?

I don't really understand what's your problem. You cannot use the encrypted
password, you need the original password.

Regards,
Herfried K. Wagner
 
The problem is following:

- to connect to my application I use a registry password.
- once connected, users do various things and their passwords are stored in
a datatable on an SQL Server.

If hashed, the passwords stored on SQL Server data table work just fine.
If hashed, the password stored in registry when sent to open method via
connection string property throws error 18456

I found what the problem is but have not found the solution to it. The
problem is that a user gets assigned a password when he/she is to be granted
permission to log on SQL server. That password has to match the password
stored in the registry on the machine where my application is running.

However, since I hash that password, it wont match the password I assigned
to that user on SQL Server inside LogIns Manager. One solution (possible)
would be to simply copy the hashed password ASCII string and paste it to the
user's password field on the SQL Server, but I think that is "ein ziemlich
schlampich Weg" to go for it.

Let me know if you have any idea, please. If not, I am just gonna leave it
as it is.

Thank you for the help,
 
Well hashes are actually useful in the fact that no two hashes are the same,
if the input data is different. Which means, you hash the user's password,
then when he/she goes to type in the password, you hash the password that
was entered. If the hashes match, then the passwords match.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

"Maybe it's a game called 'Punish the User'"
 
Back
Top