I'm trying stuff to hash password for my website and I've been experimenting a bit and I've gotten a result. Now I'm asking myself if this is actually a good way to hash my passwords.
My Main code:
Imports System.Security.Cryptography
Partial Class _Default
Inherits System.Web.UI.Page
Protected Sub Button1_Click(sender As Object, e As System.EventArgs) Handles Button1.Click
Dim strWoordOmTeHashen As String
Dim strSalt1, strSalt2, strSalt3 As String
Dim random As New Random
Dim arrSalt1(255), arrSalt2(255), arrSalt3(255) As String
For i = 0 To 255
arrSalt1(i) = random.Next(1, 26).ToString
arrSalt2(i) = random.Next(1, 26).ToString
arrSalt3(i) = random.Next(1, 26).ToString
Next
For i = 0 To 255
arrSalt1(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt1(i)))
arrSalt2(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt2(i)))
arrSalt3(i) = VeranderGetalNaarLetter.VeranderGetalNaarLetter(CInt(arrSalt3(i)))
Next
For i = 0 To 255
strSalt1 &= arrSalt1(i)
strSalt2 &= arrSalt2(i)
strSalt3 &= arrSalt3(i)
Next
strWoordOmTeHashen = strSalt1 & strSalt2 & txtWoord.Text & strSalt3
'Sha512 zoder salt
Dim sham As New SHA512Managed
Dim result As Byte()
Dim data As Byte()
Dim hexstring As String
data = ASCIIEncoding.ASCII.GetBytes(strWoordOmTeHashen)
result = sham.ComputeHash(data)
For i = 0 To UBound(result)
hexstring &= Hex(result(i)).ToLower
Next
TextBox1.Text = hexstring
End Sub
End Class
You might notice that I'm calling a function. I'm calling this function:
Public Class VeranderGetalNaarLetter
Public Shared Function VeranderGetalNaarLetter(intSalt As Integer) As String
Dim strAlfabet As String = "!abcdefghijklmnopqrstuvwxyz"
Dim strLetter As String
strLetter = strAlfabet.Substring(intSalt, 1)
Return strLetter
End Function
End Class
Any comment is welcome. I'm hoping to get comments to improve my programming a bit.
Thanks in advance :)
While this is not wrong it is not best practice either. Hashing passwords is very tedious and sometimes re-inventing the wheel is just not worth it. If you need to hash your password then you should use an already existing library. Please take a look at BCrypt http://bcrypt.codeplex.com/
This is the code I normally use to hash stuff, it's a really simple function actually :)
Function hash(text As String) As String
Dim encoder As New System.Text.UnicodeEncoding
Dim sha256 As New System.Security.Cryptography.SHA256CryptoServiceProvider
Return Convert.ToBase64String(sha256.ComputeHash(encoder.GetBytes(text)))
End Function
Good luck!
Related
hello i try to updating Message by inline keyboard.
telegram OnMessageReceived function:
Dim ID As String = e.Message.From.Id.ToString ' it is your id
Select Case e.Message.Text
Case "/ts"
Await bot.SendTextMessageAsync(ID, "Hello", replyMarkup:=CreateInLineMainMenuMarkup)
Return
End Select
Inline Keyboard function's
Public Shared Function CreateInLineMainMenuMarkup() As IReplyMarkup
Dim buttonsList As Dictionary(Of String, String) = New Dictionary(Of String, String)()
buttonsList.Add("Refresh", "test")
Return CreateInlineKeyboardButton(buttonsList, 1)
End Function
Public Shared Function CreateInlineKeyboardButton(ByVal buttonList As Dictionary(Of String, String), ByVal columns As Integer) As IReplyMarkup
Dim rows As Integer = CInt(Math.Ceiling(CDbl(buttonList.Count) / CDbl(columns)))
Dim buttons As InlineKeyboardButton()() = New InlineKeyboardButton(rows - 1)() {}
For i As Integer = 0 To buttons.Length - 1
buttons(i) = buttonList.Skip(i * columns).Take(columns).[Select](Function(direction) TryCast(New InlineKeyboardCallbackButton(direction.Key, direction.Value), InlineKeyboardCallbackButton)).ToArray()
Next
Return New InlineKeyboardMarkup(buttons)
End Function
Image To explain
Question here,can i update text message from "Hello", To be "Done". using inline keyboard click.
you will need handle OnCallbackQuery event.
first :
AddHandler bot.OnCallbackQuery, AddressOf OnCallbackQuery
then add function OnCallbackQuery (that to handle any action of callback inline keyboard)
Private Async Sub OnCallbackQuery(sender As Object, e As CallbackQueryEventArgs)
Dim call_data As String = e.CallbackQuery().Message.Text
Dim message_id As Long = e.CallbackQuery().Message.MessageId
Dim chat_id As Long = e.CallbackQuery().Message.Chat.Id
Dim callback As Long = e.CallbackQuery.Id
If call_data.Equals("Hello") Then
Dim answer As String = "Done"
Dim r As Telegram.Bot.Types.Message = Await bot.EditMessageTextAsync(chat_id, message_id, (answer))
Dim r2 As Boolean = Await bot.AnswerCallbackQueryAsync(callbackQueryId:=callback, text:=answer)
End If
End Sub
Notice that, it gonna update inline keyboard message to normal text message.
Hope it help.
I'm trying to set up my program to connect to my FTP and download files directly from my server. This what I have so far. I don't know what I'm doing wrong, or where I'm going wrong, because no matter how I code it either says "End Expected" or "Method can't handle etc due to signatures not being compatible"
I don't know what I'm doing wrong, any help would be greatly appreciated.
Private Sub Button16_Click(sender As Object, e As EventArgs) Handles Button16.Click
(ByVal downloadpath As String, ByVal ftpuri As String, ByVal ftpusername As String, ByVal ftppassword As String)
'Create a WebClient.
Dim request As New WebClient()
' Confirm the Network credentials based on the user name and password passed in.
request.Credentials = New Net.NetworkCredential("Username", "Password")
'Read the file data into a Byte array
Dim bytes() As Byte = request.DownloadData("ftp://ftp.yourwebsitename/file.extension")
Try
' Create a FileStream to read the file into
Dim DownloadStream As FileStream = IO.File.Create("C:\Local\Test.zip")
' Stream this data into the file
DownloadStream.Write(bytes, 0, bytes.Length)
' Close the FileStream
DownloadStream.Close()
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
MessageBox.Show("Process Complete")
End Sub
You probably pasted an existing method inside a Button.Click handler by mistake.
Rebuilding what was probably the original method is almost enough.
Note that this FTP procedure is a quite basic. You can rely on it only when downloading from a known remote resource. Also, as it it, it doesn't allow to show the download progress or even to cancel it.
Maybe take a look at the WebClient.DownloadDataAsync method, which allows to easily implement a progress bar and cancel the download procedure, when needed.
Also, if you're interested, in this SO question, you can find some notes and a sample Form, which can be included in a Project, to test some features of the FtpWebRequest.
Private Sub Button16_Click(sender As Object, e As EventArgs) Handles Button16.Click
Button16.Enabled = False
DownloadFile("C:\Local\Test.zip", "ftp://ftp.example.com/file.ext", "[username]", "[password]")
Button16.Enabled = True
End Sub
Private Sub DownloadFile(destinationPath As String, ftpResource As String, ftpUsername As String, ftpPassword As String)
Dim client As New WebClient()
client.Credentials = New NetworkCredential(ftpUsername, ftpPassword)
Try
Dim dataBytes() As Byte = client.DownloadData(ftpResource)
If dataBytes.Length > 0 Then
File.WriteAllBytes(destinationPath, dataBytes)
MessageBox.Show("Download Complete")
Else
MessageBox.Show("Download failed")
End If
Catch ex As WebException
MessageBox.Show(ex.Message)
Catch ex As IoException
MessageBox.Show(ex.Message)
End Try
End Sub
Here is a Console solution. Compile this into a exe file, and run it by double-clicking the executable or get a scheduler (i.e., Windos Task Scheduler) to open and run the file (it runs as soon as it opens).
Imports System
Imports System.Collections.Generic
Imports System.ComponentModel
Imports System.Data
Imports System.Linq
Imports System.Text
Imports System.Net
Imports System.IO
Namespace ConsoleApplication1
Class Program
Private Shared Sub Main(ParamArray ByVal args() As String)
If args.Any Then
' Do code that references args
Dim dt As DateTime = DateTime.Today.AddDays(-1)
Dim date As String = String.Format("{0:yyyyMMdd}", dt)
Dim p As Program = New Program
p.getFTPFile(("raw_CA_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_EM_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_GLB_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_US_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
Else
' Do code that depends on no input arguments.
Dim dt As DateTime = DateTime.Today.AddDays(-1)
Dim date As String = String.Format("{0:yyyyMMdd}", dt)
Dim p As Program = New Program
p.getFTPFile(("raw_CA_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_EM_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_GLB_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
p.getFTPFile(("raw_US_" _
+ (date + ".txt")))
' match a certain pattern in the name of the file
End If
End Sub
Private Sub getFTPFile(ByVal FTPFile As String)
FTPSettings.IP = "000.000.100.000"
FTPSettings.UserID = "your_id"
FTPSettings.Password = "your_password"
Dim reqFTP As FtpWebRequest = Nothing
Dim ftpStream As Stream = Nothing
Try
Dim outputStream As FileStream = New FileStream(("C:\Downloads\AFL_Files\" + FTPFile), FileMode.Create)
reqFTP = CType(FtpWebRequest.Create(("ftp://something#ftp.corp.com/your_path/" + FTPFile)),FtpWebRequest)
reqFTP.Method = WebRequestMethods.Ftp.DownloadFile
reqFTP.UseBinary = true
reqFTP.Credentials = New NetworkCredential(FTPSettings.UserID, FTPSettings.Password)
Dim response As FtpWebResponse = CType(reqFTP.GetResponse,FtpWebResponse)
ftpStream = response.GetResponseStream
Dim cl As Long = response.ContentLength
Dim bufferSize As Integer = 2048
Dim readCount As Integer
Dim buffer() As Byte = New Byte((bufferSize) - 1) {}
readCount = ftpStream.Read(buffer, 0, bufferSize)
While (readCount > 0)
outputStream.Write(buffer, 0, readCount)
readCount = ftpStream.Read(buffer, 0, bufferSize)
End While
ftpStream.Close
outputStream.Close
response.Close
Catch ex As Exception
If (Not (ftpStream) Is Nothing) Then
ftpStream.Close
ftpStream.Dispose
End If
Throw New Exception(ex.Message.ToString)
End Try
End Sub
Public Class FTPSettings
Public Shared Property IP As String
Get
End Get
Set
End Set
End Property
Public Shared Property UserID As String
Get
End Get
Set
End Set
End Property
Public Shared Property Password As String
Get
End Get
Set
End Set
End Property
End Class
End Class
End Namespace
I am new to programming and get the chance to work and maintain in another developers project.
The project is built with ASP.Net Vb.Net and SQl Server.
I am trying to select the primary key ID (which is actually a GUID) from a table.
SQID = Core.DB.GetString("SELECT id FROM SQC WHERE sid = " & sid)
In the Table SQC the primary key is id which is guid and the sid is also guid which is primary key to another table.
my previous developer developed the code to select string variable GetString function where GetString is
Shared Function GetString(ByVal selectQueryText As String, ByVal ParamArray params As SqlParameter()) As String
Dim dt As DataTable = Nothing
Try
dt = GetData(selectQueryText, CommandType.Text, params)
If dt.Rows.Count = 0 Then
Return ""
Else
If TypeOf dt.Rows(0)(0) Is DBNull Then
Return ""
Else
Return CStr(dt.Rows(0)(0))
End If
End If
Finally
If dt IsNot Nothing Then dt.Dispose()
End Try
End Function
When I debug the code my process enters into GetString Function and from Get String it goes to GetData function
Shared Function GetData(ByVal selectCommandText As String, ByVal selectCommandType As CommandType, ByVal ParamArray params As SqlParameter()) As DataTable
Dim conn As SqlConnection = Nothing
Try
conn = GetOpenSqlConnection()
Return GetData(conn, selectCommandText, selectCommandType, params)
Finally
If conn IsNot Nothing Then conn.Dispose()
End Try
End Function
Shared Function GetData(ByVal conn As SqlConnection, ByVal selectCommandText As String, ByVal selectCommandType As CommandType, ByVal ParamArray params As SqlParameter()) As DataTable
If conn Is Nothing Then Return GetData(selectCommandText, selectCommandType, params)
Dim sa As SqlDataAdapter = Nothing
Try
sa = New SqlDataAdapter(selectCommandText, conn)
sa.SelectCommand.CommandType = selectCommandType
Dim dt As New DataTable
Try
For Each param As SqlParameter In params
sa.SelectCommand.Parameters.Add(param)
Next
sa.Fill(dt)
Return dt
Catch ex As Exception
dt.Dispose()
Throw ex
End Try
Finally
If sa IsNot Nothing Then sa.Dispose()
End Try
End Function
In the Try Catch area of exeption handling the code breaks and throws the exception error. It saying Incorrect syntax near 'a379'. which is first the part of sid (GUID). I mean the sid value is 9417A379-6371-432F-9DA5-BCFC46DD95A1
I am not sure how to handle this. I want to select the id from from SQC table and store it in a variable.
I am looking for your advice and suggestion. As I am new in the programming world please also point me my mistakes.
Thanks
It looks like your issue could be fixed like so:
SQID = Core.DB.GetString("SELECT id FROM SQC WHERE sid = '" & sid & "'")
But you should be aware that this style of code is open to SQL injection and you may want to look at ways of parameterising your queries (i.e. don't take what's in this project as good practice).
I'm trying to scrape some schedules off of a website. the information is displayed in a GridView with paging.
The url is:
http://www.landmarkworldwide.com/when-and-where/register/search-results.aspx?prgid=0&pgID=270&crid=0&ctid=&sdt=0
My Issue is when I want to scrape pages other then #1 in the grid view.
The best post I found so far was This One, but it doesn't work and that topic is not complete. I tried to use Fiddler and Chrome to get the post data and use it, but I can't get it to work for me. Can you guys see what's missing?
Here's the code I am using. it's in VB, but you can answer in C# and I'll translate -) (sorry)
Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load
Dim lcUrl As String = "http://www.landmarkworldwide.com/when-and-where/register/search-results.aspx?prgid=0&pgID=270&crid=0&ctid=&sdt=0"
' first, request the login form to get the viewstate value
Dim webRequest__1 As HttpWebRequest = TryCast(WebRequest.Create(lcUrl), HttpWebRequest)
Dim responseReader As New StreamReader(webRequest__1.GetResponse().GetResponseStream())
Dim responseData As String = responseReader.ReadToEnd()
responseReader.Close()
' extract the viewstate value and build out POST data
Dim viewState As String = ExtractViewState(responseData)
Dim loHttp As HttpWebRequest = DirectCast(WebRequest.Create(lcUrl), HttpWebRequest)
' *** Send any POST data
Dim lcPostData As String = [String].Format("__VIEWSTATE={0}&__EVENTTARGET={1}&__EVENTARGUMENT={2}", viewState, HttpUtility.UrlEncode("contentwrapper_0$maincontent_0$maincontentfullwidth_0$ucSearchResults$gvPrograms"), HttpUtility.UrlEncode("Page$3"))
loHttp.Method = "POST"
Dim lbPostBuffer As Byte() = System.Text.Encoding.GetEncoding(1252).GetBytes(lcPostData)
loHttp.ContentLength = lbPostBuffer.Length
Dim loPostData As Stream = loHttp.GetRequestStream()
loPostData.Write(lbPostBuffer, 0, lbPostBuffer.Length)
loPostData.Close()
Dim loWebResponse As HttpWebResponse = DirectCast(loHttp.GetResponse(), HttpWebResponse)
Dim enc As Encoding = System.Text.Encoding.GetEncoding(1252)
Dim loResponseStream As New StreamReader(loWebResponse.GetResponseStream(), enc)
Dim lcHtml As String = loResponseStream.ReadToEnd()
loWebResponse.Close()
loResponseStream.Close()
Response.Write(lcHtml)
End Sub
Private Function ExtractViewState(s As String) As String
Dim viewStateNameDelimiter As String = "__VIEWSTATE"
Dim valueDelimiter As String = "value="""
Dim viewStateNamePosition As Integer = s.IndexOf(viewStateNameDelimiter)
Dim viewStateValuePosition As Integer = s.IndexOf(valueDelimiter, viewStateNamePosition)
Dim viewStateStartPosition As Integer = viewStateValuePosition + valueDelimiter.Length
Dim viewStateEndPosition As Integer = s.IndexOf("""", viewStateStartPosition)
Return HttpUtility.UrlEncodeUnicode(s.Substring(viewStateStartPosition, viewStateEndPosition - viewStateStartPosition))
End Function
To make it work you need to send all input fields to the page, not only viewstate. Other critical data is the __EVENTVALIDATION for example that you do not handle it. So:
First you need to make scrape on the #1 page. So load it and use the Html Agility Pack to convert it to a usable struct.
Then extract from that struct the input data that you need to post. From this answer HTML Agility Pack get all input fields here is a code sniped on how you can do that.
foreach (HtmlNode input in doc.DocumentNode.SelectNodes("//input"))
{
// use this to create the post string
// input.Attributes["value"];
}
Then when you have the post data that is needed to be a valid post, you move to the next step. Here is an example How to pass POST parameters to ASP.Net web request?
You can also read: How to use HTML Agility pack
I have a class called tdes which looks like this:
Imports Microsoft.VisualBasic
Imports System
Imports System.Collections.Generic
Imports System.Text
Imports System.Security.Cryptography
Imports System.IO
Namespace security
Public Class tdes
Private des As New TripleDESCryptoServiceProvider()
Private utf8 As New UTF8Encoding()
Private keyValue As Byte()
Private iVValue As Byte()
Public Property Key() As Byte()
Get
Return keyValue
End Get
Set(ByVal value As Byte())
keyValue = value
End Set
End Property
Public Property iV() As Byte()
Get
Return iVValue
End Get
Set(ByVal value As Byte())
iVValue = value
End Set
End Property
Public Sub New(ByVal key As Byte(), ByVal iV As Byte())
Me.keyValue = key
Me.iVValue = iV
End Sub
Public Function ByteDecrypt(ByVal bytes As Byte()) As String
Dim output As Byte()
output = Transform(bytes, des.CreateDecryptor(Me.keyValue, Me.iVValue))
'Return Convert.ToBase64String(output)
Return utf8.GetString(output)
End Function
Public Function ByteEncrypt(ByVal bytes As Byte()) As Byte()
Return Transform(bytes, des.CreateEncryptor(Me.keyValue, Me.iVValue))
End Function
Public Function StringDecrypt(ByVal text As String) As String
Dim input As Byte() = Convert.FromBase64String(text)
Dim output As Byte() = Transform(input, des.CreateDecryptor(Me.keyValue, Me.iVValue))
Return utf8.GetString(output)
End Function
Public Function StringEncrypt(ByVal text As String) As String
Dim input As Byte() = utf8.GetBytes(text)
Dim output As Byte() = Transform(input, des.CreateEncryptor(Me.keyValue, Me.iVValue))
Return Convert.ToBase64String(output)
End Function
Public Function StringEncryptByte(ByVal text As String) As Byte()
Dim input As Byte() = utf8.GetBytes(text)
Dim output As Byte() = Transform(input, des.CreateEncryptor(Me.keyValue, Me.iVValue))
'Return Convert.ToBase64String(output)
Return output
End Function
Private Function Transform(ByVal input As Byte(), ByVal cryptoTransform As ICryptoTransform) As Byte()
' Create the necessary streams
Dim memory As New MemoryStream()
Dim stream As New CryptoStream(memory, cryptoTransform, CryptoStreamMode.Write)
' Transform the bytes as requesed
stream.Write(input, 0, input.Length)
stream.FlushFinalBlock()
' Read the memory stream and convert it back into byte array
memory.Position = 0
Dim result As Byte() = New Byte(memory.Length - 1) {}
memory.Read(result, 0, result.Length)
' Clean up
memory.Close()
stream.Close()
' Return result
Return result
End Function
End Class
End Namespace
And it works well encrypting and decrypting things. I want to encrypt some existing passwords in a database table, so I've run a little script on them which encrypt them like so (lots missing for brevity):
Dim key As Byte() = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24}
Dim iv As Byte() = {8, 7, 6, 5, 4, 3, 2, 1}
Dim enc As New security.tdes(key, iv)
Dim i As Integer = 0
Using oConn As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("pitstopConnectionString").ConnectionString)
Using cmd As New SqlCommand("doUpdatePasswords", oConn)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("#userid", userid)
cmd.Parameters.AddWithValue("#newpassword", enc.StringEncryptByte(currentPassword))
oConn.Open()
Try
i = cmd.ExecuteNonQuery()
Catch ex As Exception
Exit Sub
End Try
End Using
End Using
This has successfully encrypted all my passwords for all the records in the table. Now, when I allow someone to login, I want to compare the two values (what was typed in, to what the stored password is) and I assumed the best way would be to decrypt the stored and compare using strings? Like so:
If (enc.ByteDecrypt(pwdenc).ToString() = pitstop.doMakeSafeForSQL(txtPassword.Text.ToString.ToLower)) Then
However, I get all sorts of bizarre errors; Unable to cast object of type 'System.String' to type 'System.Byte[]'. is one, Invalid character in a Base-64 string. is another based on how I call the password in the proceeding SQLDataReader:
Using oConn As New SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings("pitstopConnectionString").ConnectionString)
Using cmd As New SqlCommand("doGetEncryptedForLogin", oConn)
cmd.CommandType = CommandType.StoredProcedure
cmd.Parameters.AddWithValue("#email", pitstop.doMakeSafeForSQL(txtEmail.Text.ToString.ToLower))
oConn.Open()
Using dr As SqlDataReader = cmd.ExecuteReader()
If dr.HasRows() = True Then
While dr.Read()
pwdenc = dr("password_b")
End While
Else
pitstop.doLogIt("Denied login for [" & txtEmail.Text & "]")
litError.Text = "The details you have provided are incorrect. Please try again."
pnlDenied.Visible = True
Exit Sub
End If
dr.Close()
End Using
End Using
End Using
Help or advice welcomed, as I'm stumped here...
Since noone else seems to answer, I'll give you my own two cents. I remember having experienced a similiar situation when I started "playing" with encryption, more than three years ago; in my case the problem was somehow related with the Base64 conversion, though I cannot remember the exact details now.
I suggest you going through a calm and patient debugging session, tracking down all the values of the strings, the byte arrays before and after crypting and decrypting.
I understand it's not a great help, but I hope at least can direct you in the right direction.
I fixed this error by replacing my 'encryption' class with Jeff Atwood's (www.codinghorror.com) fantastic encryption tools.
I did want to salt the passwords and store the salt, but I run out of time to implement that and will have to return to it. In the meantime, I've used this code as my encrypt and decrypt functions - I hope this is of some assistance to someone:
Dim key As String = System.Configuration.ConfigurationManager.AppSettings("key").ToString()
Dim salty As String = pitstop.doMakeSafeForSQL(txtEmail.Text.ToString().ToLower())
Dim p As Encryption.Symmetric.Provider = Encryption.Symmetric.Provider.TripleDES
Dim sym As New Encryption.Symmetric(p)
sym.Key.Text = key
Dim encryptedData As Encryption.Data
encryptedData = sym.Encrypt(New Encryption.Data(pitstop.doMakeSafeForSQL(txtPassword.Text.ToString().ToLower())))
Decryption:
Dim decryptedData As Encryption.Data
Dim pr As Encryption.Symmetric.Provider = Encryption.Symmetric.Provider.TripleDES
Dim sym2 As New Encryption.Symmetric(pr)
sym2.Key.Text = System.Configuration.ConfigurationManager.AppSettings("key").ToString()
Try
decryptedData = sym2.Decrypt(encryptedData)
Catch ex As Exception
// removed for brevity //
End Try
If anyone has any articles or advice on how to create, store and retrieve salted passwords, I'd love to see it.
Chris