Share via


How to Hash Passwords

For the latest version of Commerce Server 2007 Help, see the Microsoft Web site .

Hashing passwords is a way of taking a variable-length password and creating a cryptic, fixed-length password from it. You do this by generating and using a salt value . A salt value is a random value that you use to generate the hashed password.

This topic shows how to generate salt values and hash passwords. These functions are referenced in the topic How to Validate Passwords .

To hash a password

  1. Create a new function called GenerateSaltValue that returns a salt value.

  2. Type code that generates random values based on UTF-16 encoding and the system time.

  3. Create a new function called HashPassword that hashes a password by using the salt value.

  4. Type code that hashes the password, puts it into an array of bytes, and returns the salt value plus the hashed password.

See Also

Other Resources

Profiles Encryption and Decryption

How Does the Profiles System Encrypt Data?

How to Use Asymmetric Encryption with Profiles

How to Validate Passwords

Profile Key Manager