Encrypt and Decrypt Password in C#?

I just spent a little time playing with C# on password encryption. Here is a sample code I wrote to get myself familiar with related APIs. Overall it’s pretty straight forward – it first encrypts a clear text to an encrypted Base64 encoded string, then reverses it.

using System;
using System.Security.Cryptography;
using System.Text;

namespace DoubleCloud
{
    class ProtectPassword
    {
        static void Main(string[] args)
        {
            // encryption
            string clearText = "doublecloud.org";
            byte[] clearTextBytes = Encoding.Unicode.GetBytes(clearText);

            byte[] encryptedTextBytes = ProtectedData.Protect(clearTextBytes, null, DataProtectionScope.CurrentUser);
            string encryptedTextBase64 = Convert.ToBase64String(encryptedTextBytes);
            System.Console.WriteLine("Encrypted:" + encryptedTextBase64);

            // decrypt what's been encrypted
            string encText = encryptedTextBase64;
            byte[] encTextBytes = Convert.FromBase64String(encText);

            byte[] decryptedBytes = ProtectedData.Unprotect(encTextBytes, null, DataProtectionScope.CurrentUser);
            string decryptedText = Encoding.Unicode.GetString(decryptedBytes);
            System.Console.WriteLine("Decrypted:" + decryptedText);

            System.Console.WriteLine("Done");
        }
    }
}

As I ran the program for several times, I noticed that the encrypted string of each run was different. This differs from the one way hash in which a password is always hashed to a same binary string. If you hash a random password and get the same known hashed string, the random password is for sure the password, meaning you break it. I guess the .Net encryption APIs may factor in the time it runs. It seems a better solution than hashing in protecting passwords.

BTW, one trick I learned with Visual Studio is that if you want a Console Application to pause in the Dos Window, you can simply use CTRL + F5 to run it. After the normal print out, it adds one line says “Press any key to continue …” and pause there. If you use the F5, the Dos Windows disappears before you can see much. The other way is to set a breakpoint on the last line of execution code and run in debug mode. Either way works.

This entry was posted in Software Development and tagged , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

2 Comments

  1. Posted November 12, 2012 at 1:18 am | Permalink

    Encrypt and Decrypt Password in C#? http://t.co/zLhEt1bZ via @sjin2008

  2. Posted November 12, 2012 at 1:57 am | Permalink

    Encrypt and Decrypt Password in C#? (DoubleCloud) http://t.co/LspzvJfp

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  • NEED HELP?


    My consulting helps clients with virtualization and cloud computing, including VMware infrastructure automation and orchestration, vSphere management APIs, and deep product integration with hypervisors. Current training offerings include vSphere APIs training, vCenter Orchestrator training, and etc. Should you, or someone you know, need these consulting services or training, please feel free to contact me: steve __AT__ doublecloud.org.

    Me: Steve Jin, VMware vExpert who authored the VMware VI and vSphere SDK by Prentice Hall, and created the de factor open source vSphere Java API while working at VMware engineering. Companies like Cisco, EMC, NetApp, HP, Dell, VMware, are among the users of the API and other tools I developed for their products, internal IT orchestration, and test automation.