I'm developing an ASP.NET application using SQL Server Stored Procedures. I need to hash my login password and resolve it in my sp_LoginCheck Stored Procedure.
Any suggestions?
I have already inserted data in the database.
For example:
UserName/Password
ABC/123456
DEF/987654
I want to encrypt or hash whatsoever the password then decrypt it in the stored procedure and query the table so that I can acquire the data.
A very simple aproach is to use a MD5 hash.
Then in your application
You say
And store that in the DB.
When validating the password you just say something like
to see if you have a matching record.
As @zulq said there are better systems something that has a salt etc, however for basic password hashing as you requested, this will work.
However if you wish to do all this in a stored procedure. You can use the following HASHBYTES function in SQL
So same again when calling the stored procedure, you pass it the plain text password it hashes and stores
When validating you pass a stored procedure the username / password it validates and returns true or false or a row.