Macnique Macnique - 1 year ago 86
ASP.NET (C#) Question

FIPS validated algorithm to store passwords in a database?

I am looking for a FIPS validated hash algorithm to store passwords in the database.
I did use the following code but I still get the error

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

SHA1CryptoServiceProvider Testsha1 = new SHA1CryptoServiceProvider();
byte[] hashedBytes;
UTF8Encoding encoder = new UTF8Encoding();
hashed = Testsha1.ComputeHash(encoder.GetBytes(strPassword));
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashed.Length; i++)
string Password = sb.ToString();

Answer Source

Adding the following line in web.config under system.web section

<machineKey validationKey="AutoGenerate,IsolateApps" ecryptionKey="AutoGenerate,IsolateApps" validation="3DES" decryption="3DES"/>

solved my problem

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download