protected void btnLogin_Click(object sender, EventArgs e) { DbLayer db = new DbLayer(); String id = tbLoginId.Text; string passwordHashSha256 = db.getUserPwd(id); if (passwordHashSha256 == null) { string script = "alert(\"Try Again!\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } // Hashing Password string pwd = ""; if (id.Length / 3 == 0) { pwd = SimpleHash.VerifyHash(tbLoginPwd.Text, "SHA2", passwordHashSha256).ToString(); } else if (id.Length / 3 == 2) { pwd = SimpleHash.VerifyHash(tbLoginPwd.Text, "SHA256", passwordHashSha256).ToString(); } else { pwd = SimpleHash.VerifyHash(tbLoginPwd.Text, "SHA512", passwordHashSha256).ToString(); } if (pwd.Equals("False")) { string script = "alert(\"Try Again!\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } else { Response.Cookies["user"].Value = id; Response.Cookies["user"].Expires = DateTime.Now.AddDays(3); db.updateUserConnectionCount(id); if (!id.Equals("*****@*****.**")) { Response.Redirect("Default.aspx"); } else { Response.Redirect("Restaurant.aspx"); } } }
protected void Button1_Click(object sender, EventArgs e) { DbLayer db = new DbLayer(); // Validation Old Password bool bCheckPwdOld = PasswordCheck.IsValidPassword(tbOldPwd.Text, 8, 4, true, true, true, true); if (!bCheckPwdOld) { string script = "alert(\"At least 8 characters, all strong conditions met (>= 8 chars with 1 or more UC letters, LC letters, digits & special chars)\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } //A1contact! string passwordHashSha256 = db.getUserPwd(tbEmail.Text); if (passwordHashSha256 == null) { string script = "alert(\"Try Again!\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } // Hashing Password string pwdOldCheck = ""; if (Request.Cookies["user"].Value.Length / 3 == 0) { pwdOldCheck = SimpleHash.VerifyHash(tbOldPwd.Text, "SHA2", passwordHashSha256).ToString(); } else if (Request.Cookies["user"].Value.Length / 3 == 2) { pwdOldCheck = SimpleHash.VerifyHash(tbOldPwd.Text, "SHA256", passwordHashSha256).ToString(); } else { pwdOldCheck = SimpleHash.VerifyHash(tbOldPwd.Text, "SHA512", passwordHashSha256).ToString(); } if (pwdOldCheck.Equals("False")) { string script = "alert(\"Input Correct Password!\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } // Validation Password bool bCheckPwd = PasswordCheck.IsValidPassword(tbRegPwd.Text, 8, 4, true, true, true, true); if (!bCheckPwd) { string script = "alert(\"At least 8 characters, all strong conditions met (>= 8 chars with 1 or more UC letters, LC letters, digits & special chars)\");"; ScriptManager.RegisterStartupScript(this, GetType(), "ServerControlScript", script, true); return; } //A1contact! string pwd = ""; if (tbUserName.Text.Length / 3 == 0) { pwd = SimpleHash.ComputeHash(tbRegPwd.Text, "SHA1", null); } else if (tbUserName.Text.Length / 3 == 2) { pwd = SimpleHash.ComputeHash(tbRegPwd.Text, "SHA256", null); } else { pwd = SimpleHash.ComputeHash(tbRegPwd.Text, "SHA512", null); } //int id = db.getMaxUser(); db.UpdateUserPwd(userID, pwd); Response.Redirect("Login.aspx"); }
static void Main(string[] args) { string password = "******"; // original password string wrongPassword = "******"; // wrong password string passwordHashMD5 = SimpleHash.ComputeHash(password, "MD5", null); string passwordHashSha1 = SimpleHash.ComputeHash(password, "SHA1", null); string passwordHashSha256 = SimpleHash.ComputeHash(password, "SHA256", null); string passwordHashSha384 = SimpleHash.ComputeHash(password, "SHA384", null); string passwordHashSha512 = SimpleHash.ComputeHash(password, "SHA512", null); Console.WriteLine("COMPUTING HASH VALUES\r\n"); Console.WriteLine("MD5 : {0}", passwordHashMD5); Console.WriteLine("SHA1 : {0}", passwordHashSha1); Console.WriteLine("SHA256: {0}", passwordHashSha256); Console.WriteLine("SHA384: {0}", passwordHashSha384); Console.WriteLine("SHA512: {0}", passwordHashSha512); Console.WriteLine(""); Console.WriteLine("COMPARING PASSWORD HASHES\r\n"); Console.WriteLine("MD5 (good): {0}", SimpleHash.VerifyHash( password, "MD5", passwordHashMD5).ToString()); Console.WriteLine("MD5 (bad) : {0}", SimpleHash.VerifyHash( wrongPassword, "MD5", passwordHashMD5).ToString()); Console.WriteLine("SHA1 (good): {0}", SimpleHash.VerifyHash( password, "SHA1", passwordHashSha1).ToString()); Console.WriteLine("SHA1 (bad) : {0}", SimpleHash.VerifyHash( wrongPassword, "SHA1", passwordHashSha1).ToString()); Console.WriteLine("SHA256 (good): {0}", SimpleHash.VerifyHash( password, "SHA256", passwordHashSha256).ToString()); Console.WriteLine("SHA256 (bad) : {0}", SimpleHash.VerifyHash( wrongPassword, "SHA256", passwordHashSha256).ToString()); Console.WriteLine("SHA384 (good): {0}", SimpleHash.VerifyHash( password, "SHA384", passwordHashSha384).ToString()); Console.WriteLine("SHA384 (bad) : {0}", SimpleHash.VerifyHash( wrongPassword, "SHA384", passwordHashSha384).ToString()); Console.WriteLine("SHA512 (good): {0}", SimpleHash.VerifyHash( password, "SHA512", passwordHashSha512).ToString()); Console.WriteLine("SHA512 (bad) : {0}", SimpleHash.VerifyHash( wrongPassword, "SHA512", passwordHashSha512).ToString()); }