protected void btnLogin_Click(object sender, EventArgs e) { DataAccessLayer dao = new DataAccessLayer(); string userEmail = txtUserEmail.Text; string userPassWord = txtPassword.Text; string responseMessage = null; byte[] bytePassword = System.Text.ASCIIEncoding.ASCII.GetBytes(userPassWord); System.Security.Cryptography.HashAlgorithm hashAlgorithm; if (userEmail.Length % 3 == 0) { hashAlgorithm = SHA256.Create(); } else if (userEmail.Length % 3 == 1) { hashAlgorithm = SHA512.Create(); } else { hashAlgorithm = SHA1.Create(); } byte[] byteHashPassword = hashAlgorithm.ComputeHash(bytePassword); string encryptedPassword = Convert.ToBase64String(byteHashPassword); if (dao.CheckLoginUserExists(userEmail, encryptedPassword) == false) { responseMessage = "Invalid User"; responseLogin.Text = responseMessage; } else { Session["userEmail"] = userEmail; if (userEmail == "*****@*****.**") { Response.Redirect("~/Portal.aspx"); } else { Response.Redirect("~/Profile.aspx"); } } }