近期剛好做新框架的用戶數據安全這塊
密碼的保護措施:混淆加密--------------------------------拙見----------貼上代碼--請指教
1:生成混淆數據,---存入數據表字段
2:獲取密碼混淆加密字符串-----存入數據表字段
/*---------------------------------------混淆字符串-----------------------------------------------------------*/
/// <summary> /// 根據26個字母(大小寫)和1~9數字組成的字符串中隨機生成一定長度的字符串 /// </summary> /// <param name="len">長度</param> /// <returns>返回字符串</returns> public static string CreateRandomStr(int len) { return GetRandomString("123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ", len); } //獲取隨機字段 public static string GetRandomString(string pwdchars, int len) { Random randomSeed = new Random(); StringBuilder builder = new StringBuilder(len); for (int i = 0; i < len; i++) { builder.Append(pwdchars[randomSeed.Next(pwdchars.Length)]); } return builder.ToString(); }
/*-----------------------------------------加密數據------------------------------------------------*/ /// <summary> /// 對字符串str加密后再增加混淆串字符key一起進行加密后得到的字符串,兩次都是采用MD5(string str)方法 /// </summary> /// <param name="pass">字符串</param> /// <param name="key">混淆串字符</param> /// <returns>加密后的字符串</returns> public static string GetPass(string pass, string key) { //調用MD5生成密碼 return MD5(MD5(pass) + key); } /// <summary> /// MD5加密(去除“-”)得到字符串 /// </summary> /// <param name="str">字符串</param> /// <returns>加密后的字符串</returns> public static string MD5(string str) { MD5 md5 = new MD5CryptoServiceProvider(); string t2 = BitConverter.ToString(md5.ComputeHash(Encoding.Default.GetBytes(str))); t2 = t2.Replace("-", "").ToLower(); return t2; }