#### Tagged as

, 19 Jan 2002
 Rate this:

## Introduction

Do you have a website where users need to login, and when they do you compare the password they enter with a column in a usertable? Some people do logins like this. It's easy to program and it works just fine. But what if someone got hold of the usertable and all the passwords of everyone? You may want to hide or encrypt the passwords in the usertable. Many programming languages have functions to do this. I make ASP-webpages, and I haven't found any quick functions to do this. There are plenty of components to do this, some free of charge even. But what if you cant install components on the webserver

Here is a short and neat way to encrypt your users passwords. You need two strings for it to work. Typically the username and the password.

## Code

```Function encrypt(x1, x2)
s = ""
t = 0
For i = 1 to len(x1)
t = t + asc(mid(x1,i,1))
Next
For i = 1 to len(x2)
y = (t + asc(mid(x2,i,1)) * asc(mid(x2,((i+1) mod len(x2)+1),1))) mod 255
s = s & chr(y)
Next
For i = (len(x2) + 1) to 10
If t>598.8 Then t = 598.8
y = t^3*i mod 255
s = s & chr(y)
Next
encrypt = s
End Function```

If you want to test this function you can create an asp-page and upload it to your website. Here's my codelisting to encrypt.asp

```<%
Function encrypt(x1, x2)
s = ""
t = 0
For i = 1 to len(x1)
t = t + asc(mid(x1,i,1))
Next
For i = 1 to len(x2)
y = (t + asc(mid(x2,i,1)) * asc(mid(x2,((i+1) mod len(x2)+1),1))) mod 255
s = s & chr(y)
Next
For i = (len(x2) + 1) to 10
If t>598.8 Then t = 598.8
y = t^3*i mod 255
s = s & chr(y)
Next
encrypt = s
End Function
%>

<html>
<title>Encrypt</title>

<body>
<% If request.form("name") = "" Then %>
<form action="encrypt.asp" method="post">
<input type="text" name="name"><input type="text" name="pass">
<input type="submit">
</form>
<% Else  %>
<% response.write encrypt(request.form("name"),request.form("pass")) %>
<% End If %>
</body>
</html>```

## Remarks

• The function is not reversible, so there is no way to take the result and reverse it into the password. You will need to recreate the password with a new one (some users seem to forget their passwords and always wants it retreieved)
• This is not a high-level encryption, but its good enough to hide it from lame hackers (hehe).
• The password is always sent from the user inputpage to the page encrypting it. Somewhere in between a hacker can fetch it. Secure zones (SSL) can remedy this.
• Feel free to use the code to whatever you like. But if you alter it make a post in the thread related to this article so we all can share the fun.

A list of licenses authors might use can be found here

## Share

Web Developer
Norway
Tommy live in Tromsø, a city far up north in Norway. He does programming and webdevelopment for a living.

 First PrevNext
 Encrypt & Decrypt string [modified] c2love 14-Nov-07 17:14
 Re: Encrypt & Decrypt string tommy skaue 14-Nov-07 22:43
 encrypt & decrypt password red-apple 11-Aug-07 1:04
 Re: encrypt & decrypt password tommy skaue 11-Aug-07 3:56
 Re: encrypt & decrypt password kenbhavin 13-May-08 22:18
 Re: encrypt & decrypt password kenbhavin 13-May-08 22:16
 one small change guildwyn 24-Dec-06 12:17
 How to decrypt?? ShunHung 14-Jul-05 18:11
 Re: How to decrypt?? Christian Graus 14-Jul-05 18:47
 modification of this code Anonymous 2-Sep-04 15:24
 Re: modification of this code tommy skaue 2-Sep-04 22:13
 Re: modification of this code kryzchek 18-May-05 8:40
 Re: modification of this code tommy skaue 18-May-05 11:30
 Same function ported to Perl soffen 21-Nov-03 8:55
 Although I can't think of why I would use this in Perl, I decided on a whim to port it to Perl (as it is my programming language of choice and want to provide others with it as well). Most DB (and most particularly MySQL) provide encryption functions, and I would recommend using them over anything else, unless there are known issues with it.   As the Perl code is intended to produce the same result as the vbscript code, I had to make a few modifications. Namely, the modulus (%) function in Perl does not round up as it appears the vbscript mod function does, so I go have to go the long way to get the remainder (rounded up as needed). Secondly, Perl strings are 0 indexed, so I had to do some tweaking there to get the letters in the same order as the vbscript. Again, all this is because the desire is to produce the same result as the vbscript.   Anyway, without further ado, the Perl script:   sub encrypt {   my \$input1 = shift; my \$input2 = shift;   my \$lenInput1 = length(\$input1); my \$lenInput2 = length(\$input2);   my \$s = ""; my \$t = 0;   #-- Loop through the first input --# for (my \$i = 0; \$i < \$lenInput1; \$i++) { \$t += ord(substr(\$input1, \$i, 1)); }   #-- Loop through the second input field --# for (my \$i = 0; \$i < \$lenInput2; \$i++) {   #-- Get this character --# my \$thisChar = substr(\$input2, \$i, 1);   #-- Get the next character --# my \$nextChar; my \$nextCharPos = (\$i + 1) % \$lenInput2 + 1; if (\$nextCharPos >= \$lenInput2) { \$nextChar = substr(\$input2, 0, 1); } else { \$nextChar = substr(\$input2, \$nextCharPos, 1); }   #-- Calculate the value of y --# my \$y = (\$t + ord(\$thisChar) * ord(\$nextChar)) % 255;   #-- Append the chr of y to s --# \$s .= chr(\$y) }   #-- Pad as needed --# \$t = 598.8 if (\$t > 598.8); for (my \$i = (\$lenInput2 + 1); \$i <= 10; \$i++) { my \$d = \$t**3 * \$i / 255; \$d = \$1 if (\$d =~ /^(\d*)\.?.*/);   my \$n = (\$t**3 * \$i) - (\$d * 255); my \$y = \$1 if (\$n =~ /^(\d*)\.?.*/); my \$r = \$1 if (\$n =~ /\d*\.(\d).*/);   \$y++ if (\$r > 4); \$s .= chr(\$y); }   return (\$s);   }   Lacking evidence of existence is not proof of non-existence.
 Return value of Encrypt Function Ven Yetukuri 3-Mar-03 9:54
 It wont work this way StarLite 28-Jan-03 10:19
 Re: It wont work this way tommy skaue 28-Jan-03 22:14
 Re: It wont work this way Anonymous 29-Jan-03 4:34
 Re: It wont work this way tommy skaue 29-Jan-03 21:59
 its a pretty good article Horatiu CRISTEA 1-Feb-02 0:30
 Re: its a pretty good article tommy skaue 1-Feb-02 1:18
 Re: its a pretty good article Horatiu CRISTEA 1-Feb-02 3:18
 Re: its a pretty good article tommy skaue 1-Feb-02 3:18
 Tommy's son (off-topic) Oz 22-Jan-02 4:29
 Re: Tommy's son (off-topic) tommy skaue 22-Jan-02 4:32
 Last Visit: 31-Dec-99 19:00     Last Update: 28-Dec-14 8:31 Refresh 12 Next »