Hello everybody, I am back with another good article for covering security in .NET framework for passwords of users. Although I was very much disappointed by the articles and resources published previously by many editors and authors. So I thought I must publish an article that covers all of the parts, that a good article needs.
I wrote an article for C# Corner community specifically, titled as: Efficiently Storing Passwords in .NET Framework. In that article I have discussed a lot of points and topics that a reader is trying to get in an article about Cryptography. A few major points are:
- What is cryptography? Why protect the passwords?
- How password should be protected?
- What algorithms are there to protect my password.
- Which of those algorithms are out-dated and which are expensive for my company?
- Where would the algorithms in .NET framework work.
And many more similar things are discussed there. Another major thing to understand is the usage of Salt. A salt is a random string generated to prevent password cracking attacks, such as Rainbow Table attack, Dictionary attack and many more. Salt just prevents any of them from happening.
Hashing, is an algorithm function that generates a random alphanumeric string for a password that is impossible to convert back to plain-text password, easily. Note the term, “easily”. Although a hash algorithm is designed to never run backward, still computer can run such algorithms that can get the password string back or at least try as much combinations to get the same hash value!
You should read the article from C# Corner, and learn how to protect passwords and other sensitive data in .NET framework.