问题
I have never encrypted a password before, and this is what I came up with to do it, with the aid of this article. The article didn't include salt, so I had to figure it out myself:
UTF8Encoding encoder = new UTF8Encoding();
byte[] salt = new byte[8];
new Random().NextBytes(salt);
byte[] encodedPassword = encoder.GetBytes(txtPassword.Text);
byte[] saltedPassword = new byte[8 + encodedPassword.Length];
System.Buffer.BlockCopy(salt, 0, saltedPassword, 0, 8);
System.Buffer.BlockCopy(encodedPassword, 0, saltedPassword, 8, encodedPassword.Length);
byte[] encryptedPassword = new MD5CryptoServiceProvider().ComputeHash(saltedPassword);
byte[] saltedEncryptedPassword = new byte[8 + encryptedPassword.Length];
System.Buffer.BlockCopy(salt, 0, saltedEncryptedPassword, 0, 8);
System.Buffer.BlockCopy(encryptedPassword, 0, saltedEncryptedPassword, 8, encryptedPassword.Length);
with saltedEncryptedPassword being stored in the database. As you probably notice, I had some trouble concatenating the byte arrays together where the salt was involved. Have I done this right, or is there a better way? Thanks.
回答1:
Password hashes should be slow, not fast.
The faster the hash, the faster an attacker can run through a password dictionary.
Therefore, you should never use general-purpose hashes like SHA for passwords.
Instead, use proven slow techniques like scrypt or PBKDF2.
回答2:
I would store only the salt value and the hash (not the saltedencryptedPassword) in separate columns in the database and regenerate the hash with the typed in password. You find a similar answer here Hash and salt passwords in C#.1`
I sometimes just us a GUID as a salt value and add it to the password before hashing.
MD5 is not safe any longer (hacked in 2004 by the Chinese), you can use SHA256 or SHA512 instead of. EDIT: However these algorithmes are pretty fast in calculation and therefore easier to hack. @SLaks suggests to use scrypt or PBKDF2, because they are much harder to calculate. There is a built-in implementation of PBKDF2 in .NET under Rfc2898DeriveBytes.
Another point: I would not create a new Random() object every time. If you call this within short period time the same sequence of random numbers will be generated every time, because the seed value is time based.
回答3:
No, it's no good. MD5 is no good anymore. It collides with itself and not to be trusted. You should use SHA256.
public string getSHA256(string input)
{
try
{
return BitConverter.ToString(SHA256Managed.Create().ComputeHash(Encoding.Default.GetBytes(input))).Replace(“-”, “”).ToLower();
}
catch (Exception e)
{
return string.Empty;
}
}
回答4:
I always use SHA2-512 for the hashing of my passwords. In my opinion passwords should never be encrypted, but always hashed (no way to trace back to the original password).
But please no longer use MD5, which is easily translated back in a password nowadays.
来源:https://stackoverflow.com/questions/10471584/is-this-a-good-way-to-encrypt-passwords-with-md5