public static void ConvertAllPasswords() { // customer table: using (var con = new SqlConnection(DB.GetDBConn())) { con.Open(); using (var rs = DB.GetRS("select CustomerID,Password from Customer with (NOLOCK) where SaltKey in (-1,-2)", con)) { while (rs.Read()) { if (DB.RSField(rs, "Password").Length != 0 || DB.RSField(rs, "Password") != ro_PasswordDefaultTextForAnon) { var PWD = UnmungeStringOld(DB.RSField(rs, "Password")); if (PWD.StartsWith(ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase)) { // must have been in clear text: PWD = DB.RSField(rs, "Password"); } var Salt = Encrypt.CreateRandomSalt(); var p = new Password(PWD, Salt); DB.ExecuteSQL("update Customer set Password="******", SaltKey=" + Salt.ToString() + " where CustomerID=" + DB.RSFieldInt(rs, "CustomerID").ToString()); } } } } // Affiliate Table: using (var con = new SqlConnection(DB.GetDBConn())) { con.Open(); using (var rs = DB.GetRS("select AffiliateID,Password,SaltKey from Affiliate with (NOLOCK) where SaltKey in (-1,-2)", con)) { while (rs.Read()) { if (DB.RSField(rs, "Password").Length != 0 || DB.RSField(rs, "Password") != ro_PasswordDefaultTextForAnon) { var PWD = UnmungeStringOld(DB.RSField(rs, "Password")); if (PWD.StartsWith(ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase)) { PWD = DB.RSField(rs, "Password"); } var Salt = Encrypt.CreateRandomSalt(); var p = new Password(PWD, Salt); // PWD in this call is still in clear text really DB.ExecuteSQL("update Affiliate set Password="******", SaltKey=" + Salt.ToString() + " where AffiliateID=" + DB.RSFieldInt(rs, "AffiliateID").ToString()); } } } } }
public RandomStrongPassword() : base(Encrypt.CreateRandomStrongPassword(ro_RandomStrongPasswordLength), Encrypt.CreateRandomSalt()) { }
public Password() { m_ClearPassword = Encrypt.CreateRandomStrongPassword(8); m_Salt = Encrypt.CreateRandomSalt(); m_SaltedPassword = Encrypt.ComputeSaltedHash(m_Salt, m_ClearPassword); }
public Password(string ClearPassword) { m_ClearPassword = ClearPassword; m_Salt = Encrypt.CreateRandomSalt(); m_SaltedPassword = Encrypt.ComputeSaltedHash(m_Salt, m_ClearPassword); }
public RandomPassword() : base(Encrypt.CreateRandomPassword(ro_RandomPasswordLength, CommonLogic.IIF(AppLogic.AppConfig("NewPwdAllowedChars").Length == 0, @"abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ23456789~!@#$%&*()_-={}[]\\|;:\,./?", AppLogic.AppConfig("NewPwdAllowedChars"))), Encrypt.CreateRandomSalt()) { }