2

How to Encrypt and decrypt Password to store db in MVC Entity Framework? Am using Following Code.Please anyone Help Me.

      [Required]
    [StringLength(15, MinimumLength = 8)]
    [DataType(DataType.Password)]
    [Display(Name = "Password")]
    public string Password { get; set; }
Improve this question
5
  • 2
    See also: You're Probably Storing Passwords Incorrectly, Never store passwords in a database! and maybe Speed Hashing Commented Sep 23, 2015 at 7:30
  • I want how to encrypt and decrypt password? Commented Sep 23, 2015 at 8:06
  • No, you don't. You might think you do, but you don't. If you need to encrypt/decrypt passwords, you're doing it wrong! Passwords are amongst the most sensible pieces of data to handle. So getting the handling of passwords right is probably the most important thing to do. Luckily this is a very common task which a lot of very smart people already solved much better and much more reliable than you or me could hope to. So please, for the sake of the users of your software, make yourself familiar with those practices. Commented Sep 23, 2015 at 9:45
  • Here's another great source of information: Salted Password Hashing - Doing it Right Commented Sep 23, 2015 at 9:45
  • There are circumstances where "No, you don't" is wrong. Answers here don't answer the question on how to property store passwords that need to be retrieved. Key words: need to be retrieved. Commented Apr 22, 2020 at 17:07

1 Answer 1

Reset to default
4

Best practice is not to encrypt/decrypt the password, you should hash it (and salt it)

  • User signs up > hash password > store hash to DB

  • User logs in > hash password > compare to stored hash in DB

This makes the password difficult to recreate if an attacker gets a hold of it.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.