|
Oh yes.. If the password is required exclusively by another application or Service ( As you are talking about FTP) you need to think it otherwise.
You might then use Rijndael to encrypt them with a secret key. Place the secret key into your application, so that even if the user finds data, he cant find the key in config files rather the compiled code holds them.
You can also use encryption tools to encrypt the whole config files too. But in that case the actual motive to change the configuration couldnt be achieved very easily.
If you need the code on how to use Rijndael Encryption, I can help you in this too.
|
|
|
|
|
Then the key is not secret.
|
|
|
|
|
At least better than writing in Web.config.
|
|
|
|
|
Sure, but you've only obfuscated the password, not actually encrypted it
(taking the MD5 of as you said earlier works, because it's not reversible)
|
|
|
|
|
Yes... I always use when I store password for my own system.
But the user wants to decrypt the string as well. You might got this already from previous discussions ..
|
|
|
|
|
You do know that MD5 has been shown to be weak, right?
|
|
|
|
|
Hey Dave....
You mean MD5 hashing is not secure enough and easily broken(even if it is one way hash)
Should I opt for Sha-1 or Sha-2 ?
|
|
|
|
|
If your passwords are sensitive you should use a stronger hash function, like SHA. Some security flaws were identified in SHA-1 (see wiki[^]), so you should use SHA-2 (224, 256, 384 and 512 bits).
|
|
|
|
|
Yes.. You are right. I was also thinking the same.
Thanks for your help.
Cheers.
|
|
|
|
|
Yes. MD5 is not very strong. SHA256 and 512 works best with random salt.
Best wishes,
Navaneeth
|
|
|
|
|
Thank you so much for your help. It was already in my mind to change this to SHA-2 hash. Just as you suggested, I think its time to change
|
|
|
|
|
No matter what you do to it, people using the program will have both the data and the code to decrypt it. You can only delay them. However, if you leave it as plain text even the silliest noob could read it (on the other hand, you'd have more to fear from actual hackers, not the noobs)
|
|
|
|
|
ha ha ... if you fear about users who uses Reflectors to get strings... DotFuscator would be your option...
In DotFuscator there is also an option to encrypt string in dlls.
|
|
|
|
|
That wouldn't solve the problem, nothing would, the problem is impossible to solve
|
|
|
|
|
Ya I agree. Even though using DotFuscator .. It can also be cracked quite easily...
So I think we are thinking too much unnecessarily..
The actual author might have already found the solution lol.
|
|
|
|
|
Yea you're probably right
|
|
|
|
|
On my last project I had to have a Windows Service Telnet into a Unix system, so I had to store the username and password. I stored them in a database with other configuration data. Only users with access to the configuration database would able to see them.
|
|
|
|
|
hi dudes,
i want to copy a table from an access database to another table on another access database in windows application using c#,what is the best solution,i dont want my application to hang while copying the data,i will be thankful.
and how can i make a progress bar and relate it to this copy so it will show how much further is needed to be done.u would solve a big problem of mine by answering me,thank u all.
|
|
|
|
|
1 - you can do it in another thread
2 - you can show a progress bar, but it will mean making lots of smaller copies, which will slow down the process.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
Wouldn't it have to be done row-by-row anyway?
When I copy data from one table to another I use a DataReader.
|
|
|
|
|
Does the table exist in the target database or do you need to create it too?
Are you doing this in a WinForms application? If so, why? I do such things in Windows Services.
0) Open a connection to the source database
1) Get a count of records to copy
2) Use ExecuteReader to get a DataReader for the records to copy
3) Open a connection to the target database
4) Set up a parameterized insert statement for the target connection
5) while ( reader.Read() )
5.1) Set the parameter values
5.2) ExecuteNonQuery
5.3) Update the ProgressBar
6) Close the reader, and both connections
|
|
|
|
|
thank u all especialy u pieballconsult for ur solution,the table exists in the destination table,and one more quenstion,when i executereader my select statement for reading from the source table,how can i access each column that is being returned to set it as an parameter for the insert statement?
|
|
|
|
|
dudes i found the ways to access those fields in datareader,so my last question is solved,but iv got a new problem,and that is i have a large amount of records in my database tables,so it would take a very long time for selecting and inserting into destination table row by row.how can i do that by copying the whole table at once,and insert it at once too.i might user dataset and its datatables,but it doesn't work,can anybody give me an example of filling a datatable of a dataset from connection 1,and insert that datatable into connection 2 database? thank u.
|
|
|
|
|
hello all
my question is there any method to determine if MonthCalender selected date is bolded or not?
|
|
|
|
|
Data bold means its a part of how you design. If you find it as SelectedDate means the date is already bold if bold is taken for your selection item.
|
|
|
|