发表新帖
发表新帖

How to properly store password locally

前端 未结
关注
3 1462
萌比男神i
萌比男神i 2021-02-19 17:42

I\'ve been reading this article from MSDN on Rfc2898DeriveBytes. Here is the sample encryption code they provide.

string pwd1 = passwordargs[0];
// Create a byte
3条回答
  • 天命终不由人
    天命终不由人 (楼主)
    2021-02-19 18:13

    You typically store the hash of the password, then when user enters password, you compute hash over the entered password and compare it with the hash which was stored - that said, just hashing is usually not enough (from security point of view) and you should use a function such as PKBDF2 (Password-Based Key Derivation Function 2) instead. Here is article covering all that information in more elaborate way as well as sample code (bottom of the page): http://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Right

    Here is a link to codereview, which I guess refers to the same implementation as above article.

    0 讨论(0)
 看不清?
提交回复
热议问题