1. 首页
  2. 问答
  3. ASP.NET ||这是散列密码的好方法吗?

ASP.NET ||这是散列密码的好方法吗?

2013-04-28 88 views
0

我正在尝试为我的网站哈希密码的东西,我一直在试验一下,我已经得到了一个结果。现在我问自己,如果这实际上是一种散列我的密码的好方法。ASP.NET ||这是散列密码的好方法吗?

我的主要代码:

Imports System.Security.Cryptography 

Partial Class _Default 
Inherits System.Web.UI.Page 

Protected Sub Button1_Click(sender As Object, e As System.EventArgs) Handles Button1.Click 
    Dim strWoordOmTeHashen As String 
    Dim strSalt1, strSalt2, strSalt3 As String 
    Dim random As New Random 

    Dim arrSalt1(255), arrSalt2(255), arrSalt3(255) As String 

    For i = 0 To 255 
     arrSalt1(i) = random.Next(1, 26).ToString 
     arrSalt2(i) = random.Next(1, 26).ToString 
     arrSalt3(i) = random.Next(1, 26).ToString 
    Next 

    For i = 0 To 255 
     arrSalt1(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt1(i))) 
     arrSalt2(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt2(i))) 
     arrSalt3(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt3(i))) 
    Next 

    For i = 0 To 255 
     strSalt1 &= arrSalt1(i) 
     strSalt2 &= arrSalt2(i) 
     strSalt3 &= arrSalt3(i) 
    Next 


    strWoordOmTeHashen = strSalt1 & strSalt2 & txtWoord.Text & strSalt3 

    'Sha512 zoder salt 
    Dim sham As New SHA512Managed 
    Dim result As Byte() 
    Dim data As Byte() 
    Dim hexstring As String 

    data = ASCIIEncoding.ASCII.GetBytes(strWoordOmTeHashen) 
    result = sham.ComputeHash(data) 

    For i = 0 To UBound(result) 
     hexstring &= Hex(result(i)).ToLower 
    Next 

    TextBox1.Text = hexstring 

End Sub 
End Class

您可能注意到,我打电话的功能。我调用这个函数: 公共类VeranderGetalNaarLetter

Public Shared Function VeranderGetalNaarLetter(intSalt As Integer) As String 

    Dim strAlfabet As String = "!abcdefghijklmnopqrstuvwxyz" 
    Dim strLetter As String 

    strLetter = strAlfabet.Substring(intSalt, 1) 


    Return strLetter 
End Function 


End Class

任何意见是值得欢迎的。我希望得到评论以改善我的编程。 感谢提前:)

来源

2013-04-28 Giani Noyez

回答

1

虽然这没有错,但它也不是最好的做法。散列密码非常繁琐,有时重新发明轮盘并不值得。如果你需要哈希你的密码,那么你应该使用已经存在的库。请看看BCrypt http://bcrypt.codeplex.com/

来源

2013-04-28 23:54:33 SOfanatic

0

这是我通常使用散列东西的代码,这是一个非常简单的功能其实:)

Function hash(text As String) As String 
    Dim encoder As New System.Text.UnicodeEncoding 
    Dim sha256 As New System.Security.Cryptography.SHA256CryptoServiceProvider 
    Return Convert.ToBase64String(sha256.ComputeHash(encoder.GetBytes(text))) 
End Function

祝你好运!

来源

2013-04-28 18:04:08

+0

是的,但我一直在阅读有关使用盐。我没有看到你使用任何盐。这是否有必要? – 2013-04-28 18:28:37

相关问题

 相关问题