There is a tip here that tells you the basics of password storage:
Password Storage: How to do it.[
^] - it doesn't tell you how to actually store it in a database, but that is the easy bit!
Read from DB:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("SELECT password FROM loginData WHERE userID=@ID", con))
{
com.Paramaters.AddWithValue("@ID", userID);
using (SqlDataReader reader = com.ExecuteReader())
{
if (reader.Read())
{
byte[] password = (byte[]) reader["password"];
return password;
}
}
}
}
Write To DB:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("INSERT INTO loginData (userID, password) VALUES (@ID, @PW)", con))
{
com.Parameters.AddWithValue("@ID", userID);
com.Parameters.AddWithValue("@PW", password);
com.ExecuteNonQuery();
}
}