Macnique Macnique - 7 days ago 6
ASP.NET (C#) Question

FIPS validated algorithm to store passwords in a database?

I am looking for a FIPS validated hash algorithm to store passwords in the database.
I did use the following code but I still get the error


This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.


SHA1CryptoServiceProvider Testsha1 = new SHA1CryptoServiceProvider();
byte[] hashedBytes;
UTF8Encoding encoder = new UTF8Encoding();
hashed = Testsha1.ComputeHash(encoder.GetBytes(strPassword));
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashed.Length; i++)
{
sbuilder.Append(hashed[i].ToString("x2"));
}
string Password = sb.ToString();

Answer

Adding the following line in web.config under system.web section

<machineKey validationKey="AutoGenerate,IsolateApps" ecryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES"/>

solved my problem

Comments