Encrypting Passwords in ASP

Passwords should by encrypted and stored in the database in an encrypted state. The function is not reversible, so there is no way to take the result and reverse it into the password. You will need to recreate the password with a new one. This is not high-level encryption, but it will slow people down. The password is always sent from the user inputpage to the page encrypting it. Somewhere in between the password *could* be intercepted. Using SSL to process logins will prevent the password from being intercepted.

This function gives a quick and easy way to encode a password into a non-human readable form. This means it is safer to store in a database, and should the database be viewed by anyone who shouldn't know the passwords, it will be much more difficult for them to work out what a user's password is.

<%
Function encrypt(x1, x2)
    s = ""
    t = 0
    For i = 1 to len(x1)
        t = t + asc(mid(x1,i,1))
    Next
    For i = 1 to len(x2)
        y = (t + asc(mid(x2,i,1)) * asc(mid(x2,((i+1) mod len(x2)+1),1))) mod 255
        s = s & chr(y)
    Next
    For i = (len(x2) + 1) to 10
        If t>598.8 Then t = 598.8
        y = t^3*i mod 255
        s = s & chr(y)
    Next
    encrypt = s
End Function
%>

<html>
<head>
<title>Encrypt</title>
</head>

<body>
<% If request.form("name") = "" Then %>
<form action="encrypt.asp" method="post">
<input type="text" name="name"><input type="text" name="pass">
<input type="submit">
</form>
<% Else %>
<% response.write encrypt(request.form("name"),request.form("pass")) %>
<% End If %>
</body>
</html>

My3C's
perrychicker
It's easy... it's a PSACAKE!
Back | Tell A Friend | Search this Site
1998 - 2014 psacake.com
Version 3.23

Send me One Million FREE Guaranteed Visitors