.net csharp store password as md5 hash into mssql database

Aug 21, 2012 | .NET

Storing plain-text password into database is completely insecure and not recommended. Several methods to store encrypted password such as using LDAP server or hashing the password before saving to database. Below is an example how to hash the password using MD5 before writing to database and authenticate user. //In order to use MD5 class, we need to import System.Security.Cryptography; using System.Security.Cryptography; //MD5 Hashstring static method public static string MD5HashString(string input) { MD5 md5Hash = MD5.Create(); // Convert the input string to a byte array and compute the hash. byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(input)); // Create a new Stringbuilder to collect the bytes // and create a string. StringBuilder sBuilder = new StringBuilder(); // Loop through each byte of the hashed data // and format each one as a hexadecimal string. for (int i = 0; i < data.Length; i++) { sBuilder.Append(data[i].ToString("x2")); } // Return the hexadecimal string. return sBuilder.ToString(); } //Create user login method public bool createUserAccount(string strUsername, string strPassword) { //validation //check if username is valid if(!UserEntity.isValidUsername(strUsername)){ //username invalid return false; } //check if password is valid if(!UserEntity.isValidPassword(strPassword)){ //password entered fail password policy validation return false; } //all validation passed //md5 hash user password string hashUserPassword = common.CommonFunction.MD5HashString(strPassword); //initialize data access layer object UserDA objUserDa = new UserDA(); //write to database bool insertResult = objUserDa.createNewUser(strUsername, hashUserPassword); return insertResult; } //Authenticate user public bool userLogin(string strUsername, string strPassword) { //check whether user login valid UserDA objUserDa = new UserDA(); //retrieve user id by username int userId = objUserDa.getUseridByUsername(strUsername); if(userId == -1) { //user records not found return false; } //convert user password to md5 string md5password = common.CommonFunction.MD5HashString(strPassword); //retrieve user...

ASP.Net List Check For Duplicates

Oct 22, 2010 | .NET

To check for duplicates values/objects’ properties between 2 list or the list itself, we use the .Exist() function provided by the List collection type. //Code in C# List<string> lstListA = new List<string>(); List<string> lstListB = new List<string>(); lstListA.Add("ADuplicate"); lstListA.Add("Some"); lstListA.Add("Some Brown Cow"); lstListA.Add("Some Brown Cow"); lstListB.Add("ADuplicate"); lstListB.Add("This"); lstListB.Add("Don't"); lstListB.Add("Contain"); lstListB.Add("Duplicates"); //Check for duplicates between 2 list foreach(string strValue in lstListA) { if(lstListB.Exists(delegate (string match){ return match.ToLower().Trim() == strValue.ToLower().Trim(); })){ //duplicate found } } //Check for duplicates within the list //Create 2 list, one will hold values with no duplicates and 1 will hold duplicate values found List<string> lstNoDuplicate = new List<string>(); List<string> lstDuplicate = new List<string>(); foreach (string strValue in lstListA) { if (lstNoDuplicate.Exists(delegate(string match) { return match.ToLower().Trim() == strValue.ToLower().Trim(); })) { //duplicate found //we add to duplicate list lstDuplicate.Add(strValue); } else { //no duplicate found //we add to no duplicate list lstNoDuplicate.Add(strValue); } } //lstDuplicate will contain items that are duplicated in lstListA //lstNoDuplicate will contain unique items in...

ASP.Net Singapore NRIC Validation

Oct 22, 2010 | .NET

This function may come in handy if you need to ensure user inputted Singapore NRIC is a valid one. Refer to wiki on the algorithm. The below function check for NRIC starting with prefix T or S. public static bool isValidSgFin(string strValueToCheck) { strValueToCheck = strValueToCheck.Trim(); Regex objRegex = new Regex("^(s|t)[0-9]{7}[a-jz]{1}$", RegexOptions.IgnoreCase); if (!objRegex.IsMatch(strValueToCheck)) { return false; } string strNums = strValueToCheck.Substring(1, 7); int intSum = 0; int checkDigit = 0; string checkChar = ""; intSum = Convert.ToUInt16(strNums.Substring(0, 1)) * 2; intSum = intSum + (Convert.ToUInt16(strNums.Substring(1, 1)) * 7); intSum = intSum + (Convert.ToUInt16(strNums.Substring(2, 1)) * 6); intSum = intSum + (Convert.ToUInt16(strNums.Substring(3, 1)) * 5); intSum = intSum + (Convert.ToUInt16(strNums.Substring(4, 1)) * 4); intSum = intSum + (Convert.ToUInt16(strNums.Substring(5, 1)) * 3); intSum = intSum + (Convert.ToUInt16(strNums.Substring(6, 1)) * 2); if (strValueToCheck.Substring(0, 1).ToLower() == "t") { //prefix T intSum = intSum + 4; } checkDigit = 11 - (intSum % 11); checkChar = strValueToCheck.Substring(8, 1).ToLower(); if (checkDigit == 1 && checkChar == "a") { return true; } else if (checkDigit == 2 && checkChar == "b") { return true; } else if (checkDigit == 3 && checkChar == "c") { return true; } else if (checkDigit == 4 && checkChar == "d") { return true; } else if (checkDigit == 5 && checkChar == "e") { return true; } else if (checkDigit == 6 && checkChar == "f") { return true; } else if (checkDigit == 7 && checkChar == "g") { return true; } else if (checkDigit == 8 && checkChar == "h") { return true; } else if (checkDigit == 9 && checkChar == "i") { return true;...