 | Forum | Register | Search | Today's Posts | Mark Forums Read |  |
|
|
 |
|
| ||||||
|
Welcome to the The ProgrammersTalk Community forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact us. |
 |
 | | LinkBack | Thread Tools | Display Modes |  |
08-15-2007, 10:00 AM
| ||||
| ||||
| VB.NET and MySQL Hey, I have used VB.NET and MySQL together before for my own personally use with my own site but i am planning on making a program for a friend which everyone on the internet could download. My question is if i am connecting to a database with his passwords and getting information and someone used a packet sniffer or something like that, is it then possible for them to get the password? (if not thats good lol). Also when using VB.NET and MySQL do you have to remove slashes and things such as that to stop users getting information they shouldnt/deleting the database like you would do in a PHP script? and is there any other things i should do to protect the database and program? Thanks, Lee. __________________  Great looking text - by just typing into a box you can create great looking text for your msn names, myspace, bebo, netlog, facebook and more           |
| |
|
08-17-2007, 07:43 PM
| ||||
| ||||
| Is that an encrypted connection? Meaning it's within a secured server (https://), if not then most likely it's going to be transmitted as plain text and it's possible for them to get the password...  __________________ PHP Code: |
|
08-17-2007, 08:17 PM
| |||
| |||
| Even https is "H4x0r4bl3" I would strongly advise 1-way hashing it (maybe md5? or sha1?)... and it doesn't matter if it's over http or https - much harder to decrypt and its a 1-way encryption so it cant be decrypted  __________________ Day Cares | Golf Courses | Disc Golf Courses | Campgrounds | Ice Rinks | Paintball Fields | Dentists | Plastic Surgeons | Aging Jokes Catholic Churches | Lutheran Churches | Methodist Churches | Episcopal Churches | Clean Jokes |
|
08-25-2007, 04:18 AM
| ||||
| ||||
| If i hashed it with sha1 how would i then connect to the database, the application directly connects to the database so it would try to connected with a password that has been hashed, therefore it will not connect? __________________ Great looking text - by just typing into a box you can create great looking text for your msn names, myspace, bebo, netlog, facebook and more |
|
08-28-2007, 07:46 PM
| |||
| |||
| Lee: You don't need to "Decrypt" a 1-way encrypted password. You just need to re-encrypt what the user supplied and compare against the already encrypted password. So if the admin choose a password, and encrypted it using SHA1 with a Key "CoolBeans12345"... It would spit out a huge string as the password. Then the user logged in... the application or website would know to encrypt the password that the user supplied with "CoolBeans12345" - now I have that string, compare it against the Admin Password. __________________ Day Cares | Golf Courses | Disc Golf Courses | Campgrounds | Ice Rinks | Paintball Fields | Dentists | Plastic Surgeons | Aging Jokes Catholic Churches | Lutheran Churches | Methodist Churches | Episcopal Churches | Clean Jokes |
|
08-29-2007, 04:40 AM
| ||||
| ||||
| The user wont be inputting anything, i am not quite sure you understand what i am saying, i think i will drop this for now. __________________ Great looking text - by just typing into a box you can create great looking text for your msn names, myspace, bebo, netlog, facebook and more |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
