Comments on: Applications using Hashing with SQL Server 2005/2008 http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/ Musings about SQL, databases, and my world in general... Tue, 20 Dec 2011 15:37:13 +1000 http://wordpress.org/?v=2.8.6 hourly 1 By: Jim http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/comment-page-1/#comment-20687 Jim Tue, 21 Sep 2010 23:14:25 +0000 http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/#comment-20687 Hi Nilesh, As the hash is a one-way algorithm, you cannot decode the hash back into the password. However, you can hash the password that the user has entered, and compare this hash with the stored hash of the password. If the two hashes match, then the correct password was entered. Hi Nilesh,

As the hash is a one-way algorithm, you cannot decode the hash back into the password. However, you can hash the password that the user has entered, and compare this hash with the stored hash of the password. If the two hashes match, then the correct password was entered.

]]> By: Nilesh http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/comment-page-1/#comment-20677 Nilesh Tue, 21 Sep 2010 12:26:03 +0000 http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/#comment-20677 Hi Dear, I have stored usedid as it is and password stored as Hashed into db SQl Server. Now I want to check userId and password at my website.I got the value of userId. How I check password which is in Hash format? Hi Dear,
I have stored usedid as it is and password stored as Hashed into db SQl Server.
Now I want to check userId and password at my website.I got the value of userId.
How I check password which is in Hash format?

]]> By: Jim http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/comment-page-1/#comment-17406 Jim Wed, 13 Jan 2010 10:52:19 +0000 http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/#comment-17406 Hi Suranga, Unfortunately, Hashbytes() only gives you two choices - a 16 character hash (128 bit), or a 20 character hash (160 bit). You may be able to find a different hashing algorithm on the Internet that only uses 10 bytes, or you can use a 128 bit algorithm and simply ignore the extra 6 bytes. Regardless of whether you use a different algorithm or trim a longer one down, you are more likely to encounter a hash collision, simply due to the fewer number of combinations that can be made. In practice, however, you may never encounter a collision, but you should have some way of resolving collisions. Hi Suranga,

Unfortunately, Hashbytes() only gives you two choices – a 16 character hash (128 bit), or a 20 character hash (160 bit). You may be able to find a different hashing algorithm on the Internet that only uses 10 bytes, or you can use a 128 bit algorithm and simply ignore the extra 6 bytes. Regardless of whether you use a different algorithm or trim a longer one down, you are more likely to encounter a hash collision, simply due to the fewer number of combinations that can be made. In practice, however, you may never encounter a collision, but you should have some way of resolving collisions.

]]> By: Suranga http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/comment-page-1/#comment-17399 Suranga Wed, 13 Jan 2010 08:08:11 +0000 http://www.jimmcleod.net/blog/index.php/2009/04/23/applications-using-hashing-with-sql-server-20052008/#comment-17399 Sir I want to know above hash value length,How to limit For Ex; Always keep the hashvalue with 10 characters Sir I want to know above hash value length,How to limit

For Ex;
Always keep the hashvalue with 10 characters

]]>