Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 5 of 5

Thread: Password Encryption

  1. 04-08-2010, 12:01 AM #1
    larryj53 is offline Junior Member
    Join Date
    Apr 2010
    Posts
    1

    Default Password Encryption

    I have referenced the ASPDNSFEncrypt.dll, and am able to call its methods. I want to verify that the password entered in on my Login page is correct. I don't know if this is the preferred method, but I accessed the Customer table by email address and obtained the SaltKey. Then I encrypted the typed in password, with the SaltKey, and used it to verify the password in the Customer table. If there is a more direct method, please let me know.
  2. 04-08-2010, 06:45 AM #2
    George the Great is offline Senior Member
    Join Date
    Nov 2006
    Location
    Cleveland, OH
    Posts
    1,792

    Default

    What exactly are you trying to do? Are you trying to insert encrypted passwords directly into the customer table? Are you importing customers with plain text passwords and then trying to encrypt them?
    <a href="http://www.aspdotnetstorefront.com">Shopping Cart Software</a>
  3. 04-12-2010, 01:10 PM #3
    mgibbs is offline Senior Member
    Join Date
    Jan 2005
    Location
    Orange County, CA
    Posts
    194

    Default

    If you are looking to have your own application authenticate against the ASPDNSF database, instead of referencing the ASPDNSFEncrypt.dll, couldn't you instead reference the AspDotNetStorefrontCore.dll (after 8.0.1.1, AspDotNetStorefrontCommon.dll before that) and then follow the logic used on the sign in page (assuming of course that you've got access to the proper connection string)?

    Something like:
    C#/VB.NET Code:
    bool LoginOk;
    = new Customer(EmailAddresstrue);
    if (    c.IsRegistered)
    {
            // Check the password
            LoginOk c.CheckLogin(PassworField);

        if (    LoginOk)
        {
                // See if they are unlocked, active and if true, do what you want with this information
            }
        else
        {
                // Your code to handle failed logins
            }
    }
    else
    {
            // Customer doesn't have a login in the store
    Would that work for you?
    Last edited by mgibbs; 04-12-2010 at 01:10 PM. Reason: typo
    EMM for AspDotNetStorefront - Communicate effectively with your customers
  4. 04-19-2010, 04:11 PM #4
    witchikikoy is offline Junior Member
    Join Date
    Oct 2009
    Posts
    14

    Default

    Hi, I think we have the same problem. I am developing a windows application that connects to our storefront's database. How could I access the unencrypted password value and compare it with the value of my password.Text value?
  5. 04-20-2010, 06:06 PM #5
    chrismartz is offline Senior Member
    Join Date
    Apr 2010
    Posts
    339

    Default

    Quote Originally Posted by witchikikoy View Post
    Hi, I think we have the same problem. I am developing a windows application that connects to our storefront's database. How could I access the unencrypted password value and compare it with the value of my password.Text value?
    I don't believe you would want to get the password in clear text and compare it to the password you are passing it. I believe the better option would be to encrypt your password and compare it to the encrypted password in the db.