Encode password to MD5 using keys


Solution 1

What you're talking about is called a "salt". This is a sequence of random data which you append to the original plain-text string. This is commonly used for passwords, preventing rainbow table / dictionary attacks.

Read up on this on: http://en.wikipedia.org/wiki/Salt_%28cryptography%29

For C# there's a good article: http://www.aspheute.com/english/20040105.asp

Solution 2

You should use Base64 encoding for representation. I.e.:

StringBuilder hash = new StringBuilder();

for (int i = 0; i < encodedBytes.Length; i++)
{
    hash.Append(encodedBytes[i].ToString("X2"));
}

This represents a string, rather than using a bit converter, which is the string representation of bytes directly (and cannot be reversed back to bits easily).

A couple of notes (please read this):

  • MD5 is a non-reversible hashing function (and not a great one at that)
  • If you are actually wanting to encrypt passwords using key-based encryption, such as AES, don't. Use the hashing method, but use a stronger one. Have a look at this answer here for more information on strengthening passwords.

Another note, in your implementation you can access the IDisposable interface, I.e.:

public static string Encode(string original)
{
    byte[] encodedBytes;

    using (var md5 = new MD5CryptoServiceProvider())
    {
        var originalBytes = Encoding.Default.GetBytes(original);
        encodedBytes = md5.ComputeHash(originalBytes);
    }

    return Convert.ToBase64String(encodedBytes);
}

Solution 3

Since SHA is considered more safe than MD5 I would recommend using it.

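// Copy the salt, then the password bytes, into one buffer and hash it.
// passwordBytes (DATA_SIZE bytes) is an assumed name for the encoded password.
byte[] data = new byte[SALT_SIZE+DATA_SIZE];
Buffer.BlockCopy(salt, 0, data, 0, SALT_SIZE);
Buffer.BlockCopy(passwordBytes, 0, data, SALT_SIZE, DATA_SIZE);
byte[] result;
SHA256 shaM = new SHA256Managed();
result = shaM.ComputeHash(data);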

Solution 4

MD5 isn't an encryption algorithm, but a hashing algorithm, and as such doesn't require a key. It also means that you can't reverse (/de-hash) the process. Hashing only works one way and is useful when you have the original (unhashed) data to compare the hash to.

Edit: if you do want to really encrypt your data in a reversible way, try looking into AES encryption, for example.

Author by

Omu


Updated on February 02, 2020

Comments

  • Omu
    Omu over 4 years

    At the moment I do this:

        public static class Crypto
        {
            public static string Encode(string original)
            {
                var md5 = new MD5CryptoServiceProvider();
                var originalBytes = Encoding.Default.GetBytes(original);
                var encodedBytes = md5.ComputeHash(originalBytes);
    
                return BitConverter.ToString(encodedBytes);
            }
        }
    

    I hear that I should use some key to encode stuff. Should I? Is it needed here? How to do this?


    I ended up doing this http://encrypto.codeplex.com/ (sha1managed + random salt)