What's the simplest way to upgrade a VB.NET site to using encrypted passwords? Are there easy to use encryption algorithms built in to System.UI?My site is using plain text password storage, and it will soon be going to a public server at godaddy from a private one on the local network. I'm going to have to start adding in encryption algorithms to all the password parsing functions, and it would be nice if I could just set a SALT key in the web.config file and Encrypt(password) or something like that.
Im doing a lil coding project in vb .net, i wrote up my login script and can can successful connect to a mysql database (not talking about the wordpress one) and pull login data from a table(called logins, fields are just username and password) to use for logging into my application. When i looked at the password fields in the wordpress database all the passwords are like encrypted and are random characters.
So the problem is im not sure of what type of encryption it is, and how I can utilize it for my login form in my vb project. I havn't tried coding this since i was certain if it was possible.
I use AES encryption in my vb.net 2008 windows forms apps to ....
1. Store user passwords in sql server express database in encrypted form
2. decrypt the encrypted Sql server express connection string password on the fly when connecting to SQl Server over a vpn or direct to web based sql server database
3. decrypt the encrypted ftp site password on the fly when my application connects to my ftp site to upload client's database backups
The issue I have is that the secret key for the encryption / decryption is hard coded within the encryption/decryption functions. So anybody who decompiled my application would be able to generate the same encryption, as they would have the encryption secret key How can you hide the encryption secret key so that if anybody decompiled my app they could not reproduce the decryption function
I am attempting to find some code to use in VB.NET to decrypt a string that has been encrypted using the Java crypto libary.All of the code I have found so far uses an Initialisation Vector and Key to decrypt but the string has been encrypted using the Key only. (Using an Initialisation Vector is apperently an optional step in Java).Does anyone know of code that I can use (preferably in VB.NET but i could convert C#) to decrypt AES 128 Bit encoded string without an Initialisation Vector?
I am not sure if this is possiable but I am looking to build an application that will login to a web site, navigate the site and download files. I would like to do this all in code and able to run multiple instances of the program to get information from many different web sites. Is something like this possiable in VB.net?
Ive got an app that holds a list of site we have, At each site there are a few devices. The idea is when they click on a site all the details for the site are loaded and then a second thread sits and pings each device to see if its live. Im trying to do this in a seperate thread so if they click another site while its still pinging them it doesn't wait before it switches site. This all seems to be workling fine except if you click through the sites quickly, when you do that it will eventually come up with
Quote:
{"Collection was modified; enumeration operation might not execute."}
The error flags up on the "Next" line in "ThreadedPing"
Thread stuff
Public Sub ThreadedPing(ByVal dt As DataTable) Try
When i publish my program i choose to let the application check for updates via a website and if their is one update automatically when the program starts. Is their a way were on the main user form i can make it so that the user can change the update site with out me building the program again with the new site. I want to do this becuase the site i use goes down alot so when i changed the update url no one was able to download the update for the new update server.
I'm deploying a VB.Net app (VS 2010 Pro) that requiers the user click a command button to open IE to a financial WEB site and download informaion from the site. The app works fine in every detail when installed on the development computer. But, on the target computer when the command button is clicked an unhandled exception occurs which says: System.IO. FileNotFoundException:File Not found.My code behind the button is Shell("C:Program Files (x86)Internet Exploreriexplore.exe www,fidelity.com",AppWinStyle.NormalFocus)
This works fine on the development computer. Do I need a way to code this as a relative path? If so,can you tell me how this is done?Throughout the app I have written relative paths to needed files using paths like (Open(Environment. GEtFolderPath (Environment. SpecialFoldder.Desktop) + "File Name). They all work fine when deployed.
I'm being asked to maintain several internal-only web apps for my company. For testing, after making my changes, I've created some staging sites which make use of separate databases. As such, if my users were to mistakenly use this site as if it were the production site, they may enter important data and wonder where it "disappeared" to thinking it was the production server.
I'd like to create a big banner of some sort across the top of the staging site (which ONLY appears on the staging site) to remind my users that they are on the test site. I'd like recommendations on the best way to do this, with the following considerations:
IDE: Visual Studio 2008 Server: Windows 2003 with IIS 6 Language: VB.NET 2.0
when i am surfing in one site,i want to see the another URL...without going URL directly access the login......for example this is the login page url i want know automatic login to this page [URL]
I know its a very basic problem but what is the best way to store passwords and usernames in visual basic 2008? I need to be able to add them whist in runtime and I also need to be able to obviosly get the program to check wether inputted username and passwords are correct.I am VERY new to programming so please explain your answeres in dummy language
I'm trying to write a program right now for my computer science class for a program where you insert text into a text box, (the text being a password), and then click a submit button. The goal of the assignment is to have a program that looks at the user given password and see if it matches the const password (or one of the three const passwords in my case). If it doesn't, it is supposed to loop back so you can re-input the password. Also, If you enter the correct password, the loop ends and you are to get a msgbox (or, in my case three different ones), and then the application closes. We are to write the code so that if the password is wrong "x" (insert 3 as the number I have chosen), a MsgBox will pop up with a message saying something along the lines of "you have gotten the password wrong to many times.", and then the application is supposed to close. I don't think I could rant on much more, I've done a good (or in my eyes terrible) job of summarizing the assignment.
[Code]...
My problem (aside from, I don't know, a problem with my code itself) is that when It reaches the loop, it goes through all the code again, but I'm unable to change the user given password, and so it just pops up the three failed password entry MsgBoxes (the code for which is temporarily removed), then the failed to many times MsgBox, OR one of the successful message boxes. What I'm wondering is if anyone can help me fix my code so that it functions as desired.
I am using VB.NET 2010. I have a Windows 2008 Web Server, where about 80 user accounts are activated. It is NO Active Directory Environment!!! This is a server, where Windows SharePoint Services are hosted. So, once a year, I have to give all users a new password. (I have to give it, because of some security thinkings of the owner of this Page). So, changing the password for each person is a very long activity. How can I do this by a VB.NET Program? - When I am logged on as an Administrator to this server?
The following webpage talks about using impersonation in code (ASP.NET)[url]... I am thinking about creating a class for the code, then the application can call impersonateValidUser and undoimpersonation.
I am concerned about putting usernames and passwords in my code as surely anyone will be able to see them using a tool like ILDASM. What is the best way to hide these passwords?
The article has a section titled: Impersonate the IIS Authenticated Account or User. I thought about creating an impersonated user in the Web.Config, but this would mean that the entire application is run as the inpersonated user. I only want a very small part of the application to run as the impersonated user - when it is necesary to access and update active directory.
How to do this: I have a webbrowser on a normal form with a listbox undernieth it. I would like the program to get the passwords from IE or FIREFOX so then I could import them into my webbrowser.
I recently made a small app for a friend and then made it a public app, in doing so I forgot that it connects to my MS SQL DB and checks for values. Someone used Red Gate .Net Reflector to get my password and destroy it all. I've contacted their ISP and they are looking into it, apparently this person has a static ip with them.So this is a lesson learned at a heavy price for me. How can I prevent this from happening again? How can I get away from the unsafe connection string they were able to use?
Yesterday night a friend did ask me what encrypting i normally use for my login passwords on the programs i make.Wel my answer = NO Encryption cause most of programs i write with a login on it as protection is only for local use.But still lately iam starting to get more intrested to make programs that are using external databases like MySql.So my Question is how to put sh1 encryption on a password.i need this in 2 ways 1. how to use it when i register a password to a database.2. how to use it when i read the password out of the database.( i dont need to know how to make a connection to mysql or etc. just the info to encrypt.)
Can someone tell me how Active Directory stores it's passwords for users? Is it like this answer : storing passwords in SQL Server Is it a hash and a salt or multiple hashes?
EDIT I ask because I want to mimic the way they store them for a custom authorization application I want to build. Or if someone can offer a existing framework or class that handles user authorization for a web application. If I can use asp.net membership for multiple applications using web service that would be even better.
I have a scenario that has been troubling me for years. If you have to connect to a database or other service (like a web service) using a username and password, where would be the safest place to store this information if you are connecting through a .NET assembly? I understand that you would have to encrypt the password, but then you run into a kind of chicken-egg problem -- fine -- you can encrypt it, but then where do you put the key?In .NET, you can't hardcode the password because you can decompile .NET code.
I looked at using assembly based rights with Isolated Storage, but MS recommends against storing unencrypted secret items there because priveledged users can gain access, so again, we are moving the problem from point A to point B. So for examplem, a domain admin with no need to know about the information in a database would be able to get access because of the ability to be an admin on any workstation on the domain.You can encrypt App.Config and Web.Config, but I believe priveledges users can access the keys. I think you run into the same problem with DPAPI.
I had considered storing the passwords, encrypted in a remoted database and getting them through OS authentication, but our department prohibits the storage of passwords on database servers. I am pretty sure I am stuck and wanted confirmation.
i'm oding a project which involves using a log in form, from which the username and passwords are compared to. However, at the moment, my code works, but not case sensitively!
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click Dim sql = "SELECT Username,Password FROM login WHERE Username = '" &
I am building a small office application that requires users to log in dont need encryption or other sophisticated aproaches. all i need is an array of passwords that users can log in.
So If passtext.text= "test" or "test1" or test2" then
I am trying to get use to this....I need to know how to type in a database for my usernames and passwords??? I am using visual basic 2008, which I think is visual.net? anyway...heres my code:
Code: Public Class login Private Sub login_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load Hello.Hide()
I need to write a program allowing the user to enter up to five passwords at one time. I have the textboxes set the way I need. When the user presses the button, the code should check every password they ve entered, and flag any passwords that are invalid. A valid password includes the following:
At least 6 and not more than 15 characters At least one uppercase alpha character At least one lowercase alpha character At least one numeric character
I'm a little confused about how to check each character of the entered passwords for these conditions.Because it must include alpha characters, I believe I have to do something with ASC and CHAR variables. This is my first post and I need to have this done within a few hours, haha. Help would be awesome.
I am using vb.net (visual studio 2010) and have made a form application that uses a login screen. All that works but I am having trouble any firm way to encrypt the passwords in the database. The encryption doesn't have to be very high standard as its just for a college project. Whats the best way to encrypt the password into the database? Or just encrypt the password string, I can then sort out the database end myself.
I have an app that, depending on what day it is, exports a few reports from accsess, then emails them using gmail.the app works from my machine - xp pro, test machine - Vista Ultimate, but neither of the machines that it is supposed to be working on remotely. All user names passwords, authentication method etc are correct as i don't believe they would work on a local or virtual machine otherwise.Remote machines are running Vista, they use the Gmail account that is programed in, the firewalls are off. error returned is simply "Failure sending mail"machine is of course connected to the internet and normally able to send and receive mail. code used (or at least a big chunk of ) below
Emaildays: 'now that we have the access reports exported, lets send them Dim Emails As New System.Net.Mail.MailMessage(My.Settings.frominfo,
I want for the local intranet user with limited rights to be able to update Active Directory from his own limited account. For this, we created a separate Windows account as an intermediary, which has appropriate Domain Admin permissions. Now we want to use these credentials (account name, password) in the client program (a Windows Forms application) the user will work with to update Active Directory.
The problem is... it seems DirectoryEntry object in .NET 2.0 only accepts plain passwords. Hashed passwords (I tested MD5) don't work.
Is there a way to configure DirectoryEntry so that it would work with hashed ones? Something to do with authentication types?
Below is my sample code that works with plain passwords but rejects hashed:- - -
Dim Entry As DirectoryEntry = New DirectoryEntry(ActiveDirectoryServer, sUserName, sHashedPasswordUsingMD5) Dim Searcher As New DirectorySearcher(Entry)
