Passwords...

  • Thread starter Thread starter Jacek Jurkowski
  • Start date Start date
J

Jacek Jurkowski

In my app user has to enter credentials
for sql server logon. Where to store
such informations as user name and
passwords to make sure its save?
 
In my app user has to enter credentials
for sql server logon. Where to store
such informations as user name and
passwords to make sure its save?
Click to expand...

Jacek

Are you looking to save the user name and password so the login screen
will be filled in when the user logs in again? If so, you can store
this information in a local XML file or the Registry. Using the
app.config is possible but not recommended. Be sure to encrypt the
password before doing this.

You may not want to save the password at all. Doing so would allow
anyone who has access to the machine to log in. The user id is OK to
save, but not the password.

Hope this helps.

Carl
 
It happens that Jacek Jurkowski formulated :
In my app user has to enter credentials
for sql server logon. Where to store
such informations as user name and
passwords to make sure its save?
Click to expand...

If you use it only for the sql server logon, then you don't need to
store it yourself: if the connection failed, then the username and/or
password were wrong.

Hans Kesting
 
Jacek,

Infact, it is not a good practice to allow user to enter the SQL
Credentials. Hence, avoid such requirement otherwise, cache them at DAL

HTH
 
Yes but how to encrypt password?
Any namespace? Class?


In my app user has to enter credentials
for sql server logon. Where to store
such informations as user name and
passwords to make sure its save?
Click to expand...

Jacek

Are you looking to save the user name and password so the login screen
will be filled in when the user logs in again? If so, you can store
this information in a local XML file or the Registry. Using the
app.config is possible but not recommended. Be sure to encrypt the
password before doing this.

You may not want to save the password at all. Doing so would allow
anyone who has access to the machine to log in. The user id is OK to
save, but not the password.

Hope this helps.

Carl
 
Yes but how to encrypt password?
Any namespace? Class?




Jacek

Are you looking to save the user name and password so the login screen
will be filled in when the user logs in again? If so, you can store
this information in a local XML file or the Registry. Using the
app.config is possible but not recommended. Be sure to encrypt the
password before doing this.

You may not want to save the password at all. Doing so would allow
anyone who has access to the machine to log in. The user id is OK to
save, but not the password.

Hope this helps.

Carl
Click to expand...

..NET comes with a series of encryption classes. Chek out this link for
some examples:

http://www.example-code.com/csharp/encryption.asp

There are third-party tools for encryption as well but the classes
that ship with .NET should do the job for you just fine.

Thanks

Carl
 
Back
Top