Welcome to WindowsClient.net | My Blog | Sign in | Join

Windows Client Videos

How Do I: Use Hashing to Secure Information

Pat Tormey shows how (and why) to use “Salt and Hash”. Hashing is essentially a one-way cipher. To make it more secure, we add a “secret” (Salt) to the secret and then hashes the results. Any two secrets can be compared to each other by comparing their results. This allows passwords to be stored in a database or transmitted across the web without the actual password ever being discovered. Note: Watch for a quick lesson on VB PowerToys graphics.

Author: Pat Tormey

Posted: Jan 07 2009, 11:37 AM by jytylr | with 2 comment(s)
Filed under: ,

Comments

jim1991 said:

I think I'm missing something here: how do you secure the salt if it is hard coded into the source code? Doesn't that defeat the purpose if someone can look in the exe and find this code?

# April 12, 2009 10:03 AM

Pat Tormey said:

Yep It could, But you don't have to hardcode the Salt.. You can use a shared fact from the system. Something from the users registration or simply use the password backward (which I've done) That's not too clever but you are just trying to avoid reversing the routine.

Pat

# April 21, 2009 6:37 AM