Tuesday, January 26, 2010

Hash and Salt passwords in c#

The following post will be describing password hashing and adding a salt value to it....

  • Store the PasswordHash and salt in the database in the user's account.

  • Then, when the user attempts to logon the next time, grab the salt from the database and hash it as usual with the password provided by the user during logon and compare that value to the PasswordHash in the database. If they are the same, the user provided the correct password (whatever that may be). If they are not the same, the password entered was incorrect.


private static string CreateSalt(int size)
  {
   //Generate a cryptographic random number.
   RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
   byte[] buff = new byte[size];
   rng.GetBytes(buff);

   // Return a Base64 string representation of the random number.
   return Convert.ToBase64String(buff);
  }

private static string CreatePasswordHash(string pwd, string salt)
  {
   string saltAndPwd = String.Concat(pwd, salt);
   string hashedPwd = 
    FormsAuthentication.HashPasswordForStoringInConfigFile(
    saltAndPwd, "sha1");

   return hashedPwd;
  }
string salt = CreateSalt(TxtPassword.Text.Length);
string hash = CreatePasswordHash(TxtPassword.Text, salt);

Thursday, January 21, 2010

which are the must-visit-daily websites for programmers?


Charlie Calvert (A LINQ and general C# guru from MS) http://blogs.msdn.com/charlie/default.aspx
Fabulous Adventures In Coding (Insite into the future of C#)http://blogs.msdn.com/ericlippert/default.aspx
Mike Taulty (An awesome Brit from MS who does amazing screencasts and exhaustive posts on new language features) http://mtaulty.com/CommunityServer/blogs/mike_taultys_blog/default.aspx
Sara Ford (Learn something new about your IDE) http://blogs.msdn.com/saraford/default.aspx
Scott Hanselman (Perhaps the most relevant C# evangelist and a great speaker, teacher and blogger)http://www.hanselman.com/blog/
Daniel Cazzulino (This guy is in a league of his own, always something clever that makes me feel stupid)http://www.clariusconsulting.net/blogs/kzu/default.aspx

Tuesday, January 19, 2010

How to Find Tables With Foreign Key Constraint in Database?

Hai guys,

  The following post will lead you get list of tables With Foreign Key Constraint in Database,


SELECT f.name AS ForeignKey,
OBJECT_NAME(f.parent_object_id) AS TableName,
COL_NAME(fc.parent_object_id,
fc.parent_column_id) AS ColumnName,
OBJECT_NAME (f.referenced_object_id) AS ReferenceTableName,
COL_NAME(fc.referenced_object_id,
fc.referenced_column_id) AS ReferenceColumnName
FROM sys.foreign_keys AS f
INNER JOIN sys.foreign_key_columns AS fc
ON f.OBJECT_ID = fc.constraint_object_id


How to Find Tables With Primary Key Constraint in Database?

SELECT i.name AS IndexName,
OBJECT_NAME(ic.OBJECT_ID) AS TableName,
COL_NAME(ic.OBJECT_ID,ic.column_id) AS ColumnName
FROM sys.indexes AS i
INNER JOIN sys.index_columns AS ic
ON i.OBJECT_ID = ic.OBJECT_ID
AND i.index_id = ic.index_id
WHERE i.is_primary_key = 1