In this article we will learn how to a store password in binary format during registration. We can also login to it by providing the correct credentials. Here the password will be stored in the database as binary data so that no one can determine what the password is when he/she opens the database table.

Table Creation



Here the password "raj123" is stored in binary format.

Now let's move to the code.

Register.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Register.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Register" %>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 

<html xmlns="http://www.w3.org/1999/xhtml" >

<head runat="server">

    <title> Register Page</title>

</head>

<body>

    <form id="form1" runat="server">

    <div>

    <asp:Label ID="Label1" runat="server" Text="Name" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>

    <asp:TextBox ID="txt_name" runat="server" Width="150px"></asp:TextBox>

        <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"

            ControlToValidate="txt_name" ErrorMessage="Please enter name"></asp:RequiredFieldValidator>

        <br />

    <asp:Label ID="Label2" runat="server" Text="Address" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>

    <asp:TextBox ID="txt_address" runat="server" Width="150px"></asp:TextBox>

        <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"

            ControlToValidate="txt_address" ErrorMessage="Please enter address"></asp:RequiredFieldValidator>

        <br />

    <asp:Label ID="Label3" runat="server" Text="Password" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>

    <asp:TextBox ID="txt_password" runat="server" TextMode="Password" Width="150px"></asp:TextBox>

        <asp:RequiredFieldValidator ID="RequiredFieldValidator3" runat="server"

            ControlToValidate="txt_password" ErrorMessage="Please enter password"></asp:RequiredFieldValidator>

        <br />

    <asp:Button ID="btn_Register" runat="server" Text="Register"

            onclick="btn_Register_Click" BackColor="#CCFF99" BorderColor="Maroon"

            Font-Bold="True" ForeColor="#993333" />

    </div>

   

    <asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Login.aspx">Click

    here to Login</asp:HyperLink>

    <asp:Label ID="lb1" runat="server" Font-Bold="True" ForeColor="#FF3300"></asp:Label>

    </form>

</body>

</html>

Register.aspx.cs
 

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Xml.Linq;

using System.Data.SqlClient;

namespace Register_login_Encrypt_Decrypt_Asp

{

    public partial class Register : System.Web.UI.Page

    {

        string connStr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        SqlCommand com;

 

        protected void btn_Register_Click(object sender, EventArgs e)

        {

            SqlConnection con = new SqlConnection(connStr);

            con.Open();

            com = new SqlCommand();

            com.Connection = con;

            com.CommandType = CommandType.Text;

            Session["name"] = txt_name.Text;

            com.CommandText = @"INSERT INTO employee(name,address,password)VALUES(@name,@address,EncryptByPassPhrase('pass',@password))";

            com.Parameters.AddWithValue("@name", Session["name"]);

            com.Parameters.AddWithValue("@address", txt_address.Text);

            string password = txt_password.Text;

            System.Text.ASCIIEncoding encryptpwd = new System.Text.ASCIIEncoding();

            byte[] passwordArray = encryptpwd.GetBytes(password);

            com.Parameters.AddWithValue("@password", passwordArray);

            com.ExecuteNonQuery();

            com.Dispose();

            con.Close();

            lb1.Text = "Data entered successfully!!!";

            clear();

        }

        private void clear()

        {

            txt_name.Text = "";

            txt_address.Text = "";

        }

    }

}

Login.aspx
 

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Login.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Login" %>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 

<html xmlns="http://www.w3.org/1999/xhtml" >

<head runat="server">

    <title>Login Page</title>

</head>

<body>

    <form id="form1" runat="server">

    <div>

    <asp:Label ID="Label1" runat="server" Text="Name" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>

    <asp:TextBox ID="txt_name" runat="server" Width="150px"></asp:TextBox>

        <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server"

            ControlToValidate="txt_name" ErrorMessage="Please enter name"></asp:RequiredFieldValidator>

        <br />

     <asp:Label ID="Label2" runat="server" Text="Password" Width="150px" Font-Bold="True" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>

    <asp:TextBox ID="txt_password" runat="server" TextMode="Password" Width="150px"></asp:TextBox>

        <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server"

            ControlToValidate="txt_password" ErrorMessage="Please enter password"></asp:RequiredFieldValidator>

        <br />

    <asp:Button ID="btn_login" runat="server" Text="Login" onclick="btn_login_Click" Font-Bold="True" BackColor="#CCFF99"/>

    <asp:Label ID="lbl_msg" runat="server" Font-Bold="True" ForeColor="#FF3300"></asp:Label>

    </div>

    </form>

</body>

</html>

Login.aspx.cs
 

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Xml.Linq;

using System.Globalization;

using System.Text;

using System.IO;

using System.Data.SqlClient;

 

namespace Register_login_Encrypt_Decrypt_Asp

{

    public partial class Login : System.Web.UI.Page

    {

        string connStr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        SqlCommand com;

        SqlDataAdapter sqlda;

        DataSet ds,ds1;

        string str,str2;

       

        protected void btn_login_Click(object sender, EventArgs e)

        {

            SqlConnection con = new SqlConnection(connStr);

            con.Open();

            try

        {

 

        sqlda = new SqlDataAdapter(@"select convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name ", con);

        Session["name"] = txt_name.Text;

        sqlda.SelectCommand.Parameters.AddWithValue("@name", Session["name"]);

        ds = new DataSet();

        sqlda.Fill(ds);

 

        if (ds.Tables[0].Rows.Count == 0)

        {

        lbl_msg.Text = "Invalid name";

        txt_name.Text = "";

        txt_password.Text = "";

        return;

        }

 

        str = (ds.Tables[0].Rows[0]["PWD"]).ToString();

        byte[] bytes = UTF8Encoding.ASCII.GetBytes(str);

        str2 = UTF8Encoding.ASCII.GetString(bytes);

 

        if (str2 != txt_password.Text)

        {

        lbl_msg.Text = "Invalid Password";

        txt_password.Text = "";

        txt_name.Text = "";

        return;

        }

        else

        {

        com = new SqlCommand(@"select name , convert(varchar(100), DECRYPTBYPASSPHRASE ('pass',password )) AS PWD from employee where name=@name and password=@password", con);

        com.Parameters.AddWithValue("@name", Session["name"]);

        com.Parameters.AddWithValue("@password", str2);

        ds1 = new DataSet();

        sqlda.Fill(ds1);

 

        if (ds1.Tables[0].Rows.Count == 0)

        {

        lbl_msg.Text = "Invalid name or Password";

        txt_name.Text = "";

        txt_password.Text = "";

        }

        else

        {

        Response.Redirect("Welcome.aspx");

        }

        }

        }

        catch (Exception err)

        {

        lbl_msg.Text = "Error: " + err.ToString(); 

        }

        }

    }

}

Welcome.aspx
 

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Welcome.aspx.cs" Inherits="Register_login_Encrypt_Decrypt_Asp.Welcome" %>

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

 

<html xmlns="http://www.w3.org/1999/xhtml" >

<head runat="server">

    <title>Welcome Page</title>

</head>

<body>

    <form id="form1" runat="server">

    <div>

     <asp:Label ID="lb1" runat="server" Text="Label"></asp:Label>

    </div>

    </form>

</body>

</html>

Welcome.aspx.cs
 

using System;

using System.Collections;

using System.Configuration;

using System.Data;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.HtmlControls;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Xml.Linq;

using System.Data.SqlClient;

namespace Register_login_Encrypt_Decrypt_Asp

{

    public partial class Welcome : System.Web.UI.Page

    {

        string strConnString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

 

        protected void Page_Load(object sender, EventArgs e)

        {

            lb1.Text = "<b><font color=Brown>" + "WELLCOME :: " + "</font>" + "<b><font color=red>" + Session["name"] + "</font>";

        }

    }

}

Output

After providing data for registration:



Click the login link and provide the correct credentials for login:



After providing correct credentials.