Esempio n. 1
0
        public static void ConvertAllPasswords()
        {
            // customer table:
            using (var con = new SqlConnection(DB.GetDBConn()))
            {
                con.Open();
                using (var rs = DB.GetRS("select CustomerID,Password from Customer  with (NOLOCK)  where SaltKey in (-1,-2)", con))
                {
                    while (rs.Read())
                    {
                        if (DB.RSField(rs, "Password").Length != 0 ||
                            DB.RSField(rs, "Password") != ro_PasswordDefaultTextForAnon)
                        {
                            var PWD = UnmungeStringOld(DB.RSField(rs, "Password"));
                            if (PWD.StartsWith(ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase))
                            {
                                // must have been in clear text:
                                PWD = DB.RSField(rs, "Password");
                            }
                            var Salt = Encrypt.CreateRandomSalt();
                            var p    = new Password(PWD, Salt);
                            DB.ExecuteSQL("update Customer set Password="******", SaltKey=" + Salt.ToString() + " where CustomerID=" + DB.RSFieldInt(rs, "CustomerID").ToString());
                        }
                    }
                }
            }

            // Affiliate Table:
            using (var con = new SqlConnection(DB.GetDBConn()))
            {
                con.Open();
                using (var rs = DB.GetRS("select AffiliateID,Password,SaltKey from Affiliate  with (NOLOCK)  where SaltKey in (-1,-2)", con))
                {
                    while (rs.Read())
                    {
                        if (DB.RSField(rs, "Password").Length != 0 ||
                            DB.RSField(rs, "Password") != ro_PasswordDefaultTextForAnon)
                        {
                            var PWD = UnmungeStringOld(DB.RSField(rs, "Password"));
                            if (PWD.StartsWith(ro_DecryptFailedPrefix, StringComparison.InvariantCultureIgnoreCase))
                            {
                                PWD = DB.RSField(rs, "Password");
                            }
                            var Salt = Encrypt.CreateRandomSalt();
                            var p    = new Password(PWD, Salt);                          // PWD in this call is still in clear text really
                            DB.ExecuteSQL("update Affiliate set Password="******", SaltKey=" + Salt.ToString() + " where AffiliateID=" + DB.RSFieldInt(rs, "AffiliateID").ToString());
                        }
                    }
                }
            }
        }
Esempio n. 2
0
 public RandomStrongPassword()
     : base(Encrypt.CreateRandomStrongPassword(ro_RandomStrongPasswordLength), Encrypt.CreateRandomSalt())
 {
 }
Esempio n. 3
0
 public Password()
 {
     m_ClearPassword  = Encrypt.CreateRandomStrongPassword(8);
     m_Salt           = Encrypt.CreateRandomSalt();
     m_SaltedPassword = Encrypt.ComputeSaltedHash(m_Salt, m_ClearPassword);
 }
Esempio n. 4
0
 public Password(string ClearPassword)
 {
     m_ClearPassword  = ClearPassword;
     m_Salt           = Encrypt.CreateRandomSalt();
     m_SaltedPassword = Encrypt.ComputeSaltedHash(m_Salt, m_ClearPassword);
 }
Esempio n. 5
0
 public RandomPassword() : base(Encrypt.CreateRandomPassword(ro_RandomPasswordLength, CommonLogic.IIF(AppLogic.AppConfig("NewPwdAllowedChars").Length == 0, @"abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ23456789~!@#$%&*()_-={}[]\\|;:\,./?", AppLogic.AppConfig("NewPwdAllowedChars"))), Encrypt.CreateRandomSalt())
 {
 }