.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Articles >> ASP.NET >> Post New Resource Bookmark and Share   

 Subscribe to Articles

Store password in binary format during registration

Posted By:satyapriyanayak       Posted Date: November 21, 2013    Points: 200    Category: ASP.NET    URL: http://www.dotnetspark.com  

In this article we will know how to store password in binary format during registration. We can also login to it by providing the correct credentials. Here password will be stored in database as binary data so that no one can able to know what the password is when he/she opens the database table.
 

Register.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Register.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Register" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title> Register Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <asp:Label ID="Label1" runat="server" Text="Name" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
    <asp:TextBox ID="txt_name" runat="server" Width="150px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"
            ControlToValidate="txt_name" ErrorMessage="Please enter name"></asp:RequiredFieldValidator>
        <br />
    <asp:Label ID="Label2" runat="server" Text="Address" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
    <asp:TextBox ID="txt_address" runat="server" Width="150px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"
            ControlToValidate="txt_address" ErrorMessage="Please enter address"></asp:RequiredFieldValidator>
        <br />
    <asp:Label ID="Label3" runat="server" Text="Password" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
    <asp:TextBox ID="txt_password" runat="server" TextMode="Password" Width="150px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator3" runat="server"
            ControlToValidate="txt_password" ErrorMessage="Please enter password"></asp:RequiredFieldValidator>
        <br />
    <asp:Button ID="btn_Register" runat="server" Text="Register"
            onclick="btn_Register_Click" BackColor="#CCFF99" BorderColor="Maroon"
            Font-Bold="True" ForeColor="#993333" />
    </div>
   
    <asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Login.aspx">Click
    here to Login</asp:HyperLink>
    <asp:Label ID="lb1" runat="server" Font-Bold="True" ForeColor="#FF3300"></asp:Label>
    </form>
</body>
</html>

Register.aspx.cs

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
namespace Register_login_Encrypt_Decrypt_Asp
{
    public partial class Register : System.Web.UI.Page
    {
        string connStr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
        SqlCommand com;

        protected void btn_Register_Click(object sender, EventArgs e)
        {
            SqlConnection con = new SqlConnection(connStr);
            con.Open();
            com = new SqlCommand();
            com.Connection = con;
            com.CommandType = CommandType.Text;
            Session["name"] = txt_name.Text;
            com.CommandText = @"INSERT INTO employee(name,address,password)VALUES(@name,@address,EncryptByPassPhrase('pass',@password))";
            com.Parameters.AddWithValue("@name", Session["name"]);
            com.Parameters.AddWithValue("@address", txt_address.Text);
            string password = txt_password.Text;
            System.Text.ASCIIEncoding encryptpwd = new System.Text.ASCIIEncoding();
            byte[] passwordArray = encryptpwd.GetBytes(password);
            com.Parameters.AddWithValue("@password", passwordArray);
            com.ExecuteNonQuery();
            com.Dispose();
            con.Close();
            lb1.Text = "Data entered successfully!!!";
            clear();
        }
        private void clear()
        {
            txt_name.Text = "";
            txt_address.Text = "";
        }
    }
}

Login.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Login" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Login Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <asp:Label ID="Label1" runat="server" Text="Name" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
    <asp:TextBox ID="txt_name" runat="server" Width="150px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"
            ControlToValidate="txt_name" ErrorMessage="Please enter name"></asp:RequiredFieldValidator>
        <br />
     <asp:Label ID="Label2" runat="server" Text="Password" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
    <asp:TextBox ID="txt_password" runat="server" TextMode="Password" Width="150px"></asp:TextBox>
        <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"
            ControlToValidate="txt_password" ErrorMessage="Please enter password"></asp:RequiredFieldValidator>
        <br />
    <asp:Button ID="btn_login" runat="server" Text="Login" onclick="btn_login_Click" Font-Bold="True" BackColor="#CCFF99"/>
    <asp:Label ID="lbl_msg" runat="server" Font-Bold="True" ForeColor="#FF3300"></asp:Label>
    </div>
    </form>
</body>
</html>

Login.aspx.cs

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Globalization;
using System.Text;
using System.IO;
using System.Data.SqlClient;

namespace Register_login_Encrypt_Decrypt_Asp
{
    public partial class Login : System.Web.UI.Page
    {
        string connStr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
        SqlCommand com;
        SqlDataAdapter sqlda;
        DataSet ds,ds1;
        string str,str2;
       
        protected void btn_login_Click(object sender, EventArgs e)
        {
            SqlConnection con = new SqlConnection(connStr);
            con.Open();
            try
        {

        sqlda = new SqlDataAdapter(@"select convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name ", con);
        Session["name"] = txt_name.Text;
        sqlda.SelectCommand.Parameters.AddWithValue("@name", Session["name"]);
        ds = new DataSet();
        sqlda.Fill(ds);

        if (ds.Tables[0].Rows.Count == 0)
        {
        lbl_msg.Text = "Invalid name";
        txt_name.Text = "";
        txt_password.Text = "";
        return;
        }

        str = (ds.Tables[0].Rows[0]["PWD"]).ToString();
        byte[] bytes = UTF8Encoding.ASCII.GetBytes(str);
        str2 = UTF8Encoding.ASCII.GetString(bytes);

        if (str2 != txt_password.Text)
        {
        lbl_msg.Text = "Invalid Password";
        txt_password.Text = "";
        txt_name.Text = "";
        return;
        }
        else
        {
        com = new SqlCommand(@"select name , convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name and password=@password", con);
        com.Parameters.AddWithValue("@name", Session["name"]);
        com.Parameters.AddWithValue("@password", str2);
        ds1 = new DataSet();
        sqlda.Fill(ds1);

        if (ds1.Tables[0].Rows.Count == 0)
        {
        lbl_msg.Text = "Invalid name or Password";
        txt_name.Text = "";
        txt_password.Text = "";
        }
        else
        {
        Response.Redirect("Welcome.aspx");
        }
        }
        }
        catch (Exception err)
        {
        lbl_msg.Text = "Error: " + err.ToString(); 
        }
        }
    }
}

Welcome.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Welcome.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Welcome" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Welcome Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
     <asp:Label ID="lb1" runat="server" Text="Label"></asp:Label>
    </div>
    </form>
</body>
</html>

Welcome.aspx.cs

using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
namespace Register_login_Encrypt_Decrypt_Asp
{
    public partial class Welcome : System.Web.UI.Page
    {
        string strConnString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        protected void Page_Load(object sender, EventArgs e)
        {
            lb1.Text = "<b><font color=Brown>" + "WELLCOME :: " + "</font>" + "<b><font color=red>" + Session["name"] + "</font>";
        }
    }
}


 Subscribe to Articles

     

Further Readings:

Responses

No response found. Be the first to respond this post

Post Comment

You must Sign In To post reply
Find More Articles on C#, ASP.Net, Vb.Net, SQL Server and more Here

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend