How can we hash the passwords in an already existing database? The passwords in the database are in clear text, which is a security issue. I don't want to use the in-built SQL Server hash functions, but create my own application for hashing the passwords. I was thinking of creating another column of datatype varbinary(16) -MD5 hash- and storing the hashed values there and deleting the cleartext password column.
ALso, I read that salting is very important. What do you guys think? Any ideas are most welcome.
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)