i have a signup form on my website for user registeration ....... so i want to make it secure , by secure i mean , Password should be encrypted etc etc.....or any other precautions for security
i already used hash functions of MS SQL on password field through queries but ppl always suggested to use something more advance .
so any way to make it resistent to injection etc
thanks !!!
HunainHafeez
9
Posting Whiz
Recommended Answers
Jump to PostIf the password in the database is MD5 encrypted then when the user signs in just MD5 the password they typed in then match it with the password in the database to see if they match.
Hope this helped.
By the way what's your website?
All 4 Replies
joshl_1995
22
Twisted Digital
I'm sure no matter what, "Injection" will still be a problem. Here are some tips to get arround it.
First use MD5 encryption because once something has been encrypted it can't be decrypted.
Use Google reCAPTCHA to stop web bots.
If you are using PHP if your going to use $_GET to interact with your database try using only numbers to be sure there are only numbers in the $_GET use:
EXAMPLE
if (is_numeric($_GET['ID'])) {
}
Or if you have the money you could use https (Hypertext Transfer Protocol Secure).
But only use https if your dealing with private user information.
But remember that with Injection there is always a way it get in, scary isn't it.
HunainHafeez
9
Posting Whiz
Thanks mate !!!@ joshl
i m using asp.net 3.5
but wt about sign in, mean a password will b matched to password field in db, so would it be comparable ? after encryption
joshl_1995
22
Twisted Digital
If the password in the database is MD5 encrypted then when the user signs in just MD5 the password they typed in then match it with the password in the database to see if they match.
Hope this helped.
By the way what's your website?
HunainHafeez
9
Posting Whiz
@joshl: tnx dude..it helped
my project is abt HR, ONLINE RECRUITMENT SYSTEM for Institutions !!!
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.