I'm having trouble logging in my database after I used BCrypt to hash login password. Below is a snippet of my code.
private void button_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection(………………………………….);
string userID =Microsoft.VisualBasic.Interaction.InputBox ("Please enter User ID", "User ID"); // prompt user to enter user ID
string pwd = Microsoft.VisualBasic.Interaction.InputBox ("Please enter password", "PASSWORD");
// promt user to enter a password
string salt = BCryptHelper.GenerateSalt(8);
string hashPwd = BCryptHelper.HashPassword (pwd, salt);
bool checkPwd = BCryptHelper.CheckPassword (pwd, hashPwd);
conn.Open ();
SqlCommand sqlCmd = new SqlCommand ("UPDATE Table_Person SET Password = @Password WHERE User ID = @UserID", conn);
sqlCmd.Parameters.AddWithValue ("@Password", hashPwd);
sqlCmd.Parameters.AddWithValue ("@UserID", userID);
sqlCmd.ExecuteNonQuery ();
conn.Close ();
}
What I'm my doing wrong here? The password field from my database table has been hashed, but how do I decrypt it back? Can someone help please.