Click here to Skip to main content
12,951,606 members (55,847 online)
Click here to Skip to main content
Add your own
alternative version

Stats

202.3K views
54 bookmarked
Posted 19 Jan 2002

Encrypting Passwords in ASP

, 19 Jan 2002
Rate this:
Please Sign up or sign in to vote.
A simple function to encrypt your users passwords
<!-- Add the rest of your HTML here -->

Introduction

Do you have a website where users need to login, and when they do you compare the password they enter with a column in a usertable? Some people do logins like this. It's easy to program and it works just fine. But what if someone got hold of the usertable and all the passwords of everyone? You may want to hide or encrypt the passwords in the usertable. Many programming languages have functions to do this. I make ASP-webpages, and I haven't found any quick functions to do this. There are plenty of components to do this, some free of charge even. But what if you cant install components on the webserver

Here is a short and neat way to encrypt your users passwords. You need two strings for it to work. Typically the username and the password.

Code

Function encrypt(x1, x2)
    s = ""
    t = 0
    For i = 1 to len(x1)
        t = t + asc(mid(x1,i,1))
    Next
    For i = 1 to len(x2)
        y = (t + asc(mid(x2,i,1)) * asc(mid(x2,((i+1) mod len(x2)+1),1))) mod 255
        s = s & chr(y)
    Next
    For i = (len(x2) + 1) to 10
        If t>598.8 Then t = 598.8
        y = t^3*i mod 255
        s = s & chr(y)
    Next
    encrypt = s
End Function

If you want to test this function you can create an asp-page and upload it to your website. Here's my codelisting to encrypt.asp

<%
Function encrypt(x1, x2)
    s = ""
    t = 0
    For i = 1 to len(x1)
        t = t + asc(mid(x1,i,1))
    Next
    For i = 1 to len(x2)
        y = (t + asc(mid(x2,i,1)) * asc(mid(x2,((i+1) mod len(x2)+1),1))) mod 255
        s = s & chr(y)
    Next
    For i = (len(x2) + 1) to 10
        If t>598.8 Then t = 598.8
        y = t^3*i mod 255
        s = s & chr(y)
    Next
    encrypt = s
End Function
%>

<html>
<head>
 <title>Encrypt</title>
</head>

<body>
<% If request.form("name") = "" Then %>
<form action="encrypt.asp" method="post">
<input type="text" name="name"><input type="text" name="pass">
<input type="submit">
</form>
<% Else  %>
<% response.write encrypt(request.form("name"),request.form("pass")) %>
<% End If %>
</body>
</html>

Remarks

  • The function is not reversible, so there is no way to take the result and reverse it into the password. You will need to recreate the password with a new one (some users seem to forget their passwords and always wants it retreieved)
  • This is not a high-level encryption, but its good enough to hide it from lame hackers (hehe).
  • The password is always sent from the user inputpage to the page encrypting it. Somewhere in between a hacker can fetch it. Secure zones (SSL) can remedy this.
  • Feel free to use the code to whatever you like. But if you alter it make a post in the thread related to this article so we all can share the fun.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

tommy skaue
Web Developer
Norway Norway
Tommy live in Tromsø, a city far up north in Norway. He does programming and webdevelopment for a living.

You may also be interested in...

Comments and Discussions

 
BugOverflow exception Pin
Member 304391912-Jul-16 7:00
memberMember 304391912-Jul-16 7:00 
QuestionEncrypt &amp; Decrypt string [modified] Pin
c2love14-Nov-07 16:14
memberc2love14-Nov-07 16:14 
AnswerRe: Encrypt & Decrypt string Pin
tommy skaue14-Nov-07 21:43
membertommy skaue14-Nov-07 21:43 
Questionencrypt & decrypt password Pin
red-apple11-Aug-07 0:04
memberred-apple11-Aug-07 0:04 
AnswerRe: encrypt & decrypt password Pin
tommy skaue11-Aug-07 2:56
membertommy skaue11-Aug-07 2:56 
GeneralRe: encrypt & decrypt password Pin
kenbhavin13-May-08 21:18
memberkenbhavin13-May-08 21:18 
AnswerRe: encrypt & decrypt password Pin
kenbhavin13-May-08 21:16
memberkenbhavin13-May-08 21:16 
Generalone small change Pin
guildwyn24-Dec-06 11:17
memberguildwyn24-Dec-06 11:17 
QuestionHow to decrypt?? Pin
ShunHung14-Jul-05 17:11
sussShunHung14-Jul-05 17:11 
AnswerRe: How to decrypt?? Pin
Christian Graus14-Jul-05 17:47
memberChristian Graus14-Jul-05 17:47 
Generalmodification of this code Pin
Anonymous2-Sep-04 14:24
sussAnonymous2-Sep-04 14:24 
GeneralRe: modification of this code Pin
tommy skaue2-Sep-04 21:13
membertommy skaue2-Sep-04 21:13 
GeneralRe: modification of this code Pin
kryzchek18-May-05 7:40
memberkryzchek18-May-05 7:40 
GeneralRe: modification of this code Pin
tommy skaue18-May-05 10:30
membertommy skaue18-May-05 10:30 
GeneralSame function ported to Perl Pin
soffen21-Nov-03 7:55
membersoffen21-Nov-03 7:55 
GeneralReturn value of Encrypt Function Pin
Ven Yetukuri3-Mar-03 8:54
memberVen Yetukuri3-Mar-03 8:54 
GeneralIt wont work this way Pin
StarLite28-Jan-03 9:19
sussStarLite28-Jan-03 9:19 
GeneralRe: It wont work this way Pin
tommy skaue28-Jan-03 21:14
membertommy skaue28-Jan-03 21:14 
GeneralRe: It wont work this way Pin
Anonymous29-Jan-03 3:34
sussAnonymous29-Jan-03 3:34 
GeneralRe: It wont work this way Pin
tommy skaue29-Jan-03 20:59
membertommy skaue29-Jan-03 20:59 
I think it might be the special characters in the result...

Its possible to change the function to span over only normal characters, but I dont use that function any longer.

I havent deleted the article though. Its ok for reading how it can be done and to get your own ideas.

There is MD5 for asp too...

Lets see if its pastable:

<br />
<%<br />
Private Const BITS_TO_A_BYTE=8<br />
Private Const BYTES_TO_A_WORD=4<br />
Private Const BITS_TO_A_WORD=32<br />
Private m_lOnBits(30)<br />
Private m_l2Power(30)<br />
m_lOnBits(0)=CLng(1)<br />
m_lOnBits(1)=CLng(3)<br />
m_lOnBits(2)=CLng(7)<br />
m_lOnBits(3)=CLng(15)<br />
m_lOnBits(4)=CLng(31)<br />
m_lOnBits(5)=CLng(63)<br />
m_lOnBits(6)=CLng(127)<br />
m_lOnBits(7)=CLng(255)<br />
m_lOnBits(8)=CLng(511)<br />
m_lOnBits(9)=CLng(1023)<br />
m_lOnBits(10)=CLng(2047)<br />
m_lOnBits(11)=CLng(4095)<br />
m_lOnBits(12)=CLng(8191)<br />
m_lOnBits(13)=CLng(16383)<br />
m_lOnBits(14)=CLng(32767)<br />
m_lOnBits(15)=CLng(65535)<br />
m_lOnBits(16)=CLng(131071)<br />
m_lOnBits(17)=CLng(262143)<br />
m_lOnBits(18)=CLng(524287)<br />
m_lOnBits(19)=CLng(1048575)<br />
m_lOnBits(20)=CLng(2097151)<br />
m_lOnBits(21)=CLng(4194303)<br />
m_lOnBits(22)=CLng(8388607)<br />
m_lOnBits(23)=CLng(16777215)<br />
m_lOnBits(24)=CLng(33554431)<br />
m_lOnBits(25)=CLng(67108863)<br />
m_lOnBits(26)=CLng(134217727)<br />
m_lOnBits(27)=CLng(268435455)<br />
m_lOnBits(28)=CLng(536870911)<br />
m_lOnBits(29)=CLng(1073741823)<br />
m_lOnBits(30)=CLng(2147483647)<br />
<br />
m_l2Power(0)=CLng(1)<br />
m_l2Power(1)=CLng(2)<br />
m_l2Power(2)=CLng(4)<br />
m_l2Power(3)=CLng(8)<br />
m_l2Power(4)=CLng(16)<br />
m_l2Power(5)=CLng(32)<br />
m_l2Power(6)=CLng(64)<br />
m_l2Power(7)=CLng(128)<br />
m_l2Power(8)=CLng(256)<br />
m_l2Power(9)=CLng(512)<br />
m_l2Power(10)=CLng(1024)<br />
m_l2Power(11)=CLng(2048)<br />
m_l2Power(12)=CLng(4096)<br />
m_l2Power(13)=CLng(8192)<br />
m_l2Power(14)=CLng(16384)<br />
m_l2Power(15)=CLng(32768)<br />
m_l2Power(16)=CLng(65536)<br />
m_l2Power(17)=CLng(131072)<br />
m_l2Power(18)=CLng(262144)<br />
m_l2Power(19)=CLng(524288)<br />
m_l2Power(20)=CLng(1048576)<br />
m_l2Power(21)=CLng(2097152)<br />
m_l2Power(22)=CLng(4194304)<br />
m_l2Power(23)=CLng(8388608)<br />
m_l2Power(24)=CLng(16777216)<br />
m_l2Power(25)=CLng(33554432)<br />
m_l2Power(26)=CLng(67108864)<br />
m_l2Power(27)=CLng(134217728)<br />
m_l2Power(28)=CLng(268435456)<br />
m_l2Power(29)=CLng(536870912)<br />
m_l2Power(30)=CLng(1073741824)<br />
<br />
Private Function LShift(lValue,iShiftBits)<br />
  If iShiftBits=0 Then<br />
    LShift=lValue<br />
    Exit Function<br />
  ElseIf iShiftBits=31 Then<br />
    If lValue And 1 Then<br />
      LShift=&H80000000<br />
    Else<br />
      LShift=0<br />
    End If<br />
    Exit Function<br />
  ElseIf iShiftBits<0 Or iShiftBits>31 Then<br />
    Err.Raise 6<br />
  End If<br />
<br />
  If (lValue And m_l2Power(31-iShiftBits)) Then<br />
    LShift=((lValue And m_lOnBits(31-(iShiftBits+1)))*m_l2Power(iShiftBits)) Or &H80000000<br />
  Else<br />
    LShift=((lValue And m_lOnBits(31-iShiftBits))*m_l2Power(iShiftBits))<br />
  End If<br />
End Function<br />
<br />
Private Function RShift(lValue,iShiftBits)<br />
  If iShiftBits=0 Then<br />
    RShift=lValue<br />
    Exit Function<br />
  ElseIf iShiftBits=31 Then<br />
    If lValue And &H80000000 Then<br />
      RShift=1<br />
    Else<br />
      RShift=0<br />
    End If<br />
    Exit Function<br />
  ElseIf iShiftBits<0 Or iShiftBits>31 Then<br />
    Err.Raise 6<br />
  End If<br />
  <br />
  RShift=(lValue And &H7FFFFFFE)\m_l2Power(iShiftBits)<br />
<br />
  If (lValue And &H80000000) Then<br />
    RShift=(RShift Or (&H40000000\m_l2Power(iShiftBits-1)))<br />
  End If<br />
End Function<br />
<br />
Private Function RotateLeft(lValue,iShiftBits)<br />
  RotateLeft=LShift(lValue,iShiftBits) Or RShift(lValue,(32-iShiftBits))<br />
End Function<br />
<br />
Private Function AddUnsigned(lX,lY)<br />
  Dim lX4<br />
  Dim lY4<br />
  Dim lX8<br />
  Dim lY8<br />
  Dim lResult<br />
<br />
  lX8=lX And &H80000000<br />
  lY8=lY And &H80000000<br />
  lX4=lX And &H40000000<br />
  lY4=lY And &H40000000<br />
<br />
  lResult=(lX And &H3FFFFFFF)+(lY And &H3FFFFFFF)<br />
<br />
  If lX4 And lY4 Then<br />
    lResult=lResult Xor &H80000000 Xor lX8 Xor lY8<br />
  ElseIf lX4 Or lY4 Then<br />
    If lResult And &H40000000 Then<br />
      lResult=lResult Xor &HC0000000 Xor lX8 Xor lY8<br />
    Else<br />
      lResult=lResult Xor &H40000000 Xor lX8 Xor lY8<br />
    End If<br />
  Else<br />
    lResult=lResult Xor lX8 Xor lY8<br />
  End If<br />
<br />
  AddUnsigned=lResult<br />
End Function<br />
<br />
Private Function F(x,y,z)<br />
  F=(x And y) Or ((Not x) And z)<br />
End Function<br />
<br />
Private Function G(x,y,z)<br />
  G=(x And z) Or (y And (Not z))<br />
End Function<br />
<br />
Private Function H(x,y,z)<br />
  H=(x Xor y Xor z)<br />
End Function<br />
<br />
Private Function I(x,y,z)<br />
  I=(y Xor (x Or (Not z)))<br />
End Function<br />
<br />
Private Sub FF(a,b,c,d,x,s,ac)<br />
  a=AddUnsigned(a,AddUnsigned(AddUnsigned(F(b,c,d),x),ac))<br />
  a=RotateLeft(a,s)<br />
  a=AddUnsigned(a,b)<br />
End Sub<br />
<br />
Private Sub GG(a,b,c,d,x,s,ac)<br />
  a=AddUnsigned(a,AddUnsigned(AddUnsigned(G(b,c,d),x),ac))<br />
  a=RotateLeft(a,s)<br />
  a=AddUnsigned(a,b)<br />
End Sub<br />
<br />
Private Sub HH(a,b,c,d,x,s,ac)<br />
  a=AddUnsigned(a,AddUnsigned(AddUnsigned(H(b,c,d),x),ac))<br />
  a=RotateLeft(a,s)<br />
  a=AddUnsigned(a,b)<br />
End Sub<br />
<br />
Private Sub II(a,b,c,d,x,s,ac)<br />
  a=AddUnsigned(a,AddUnsigned(AddUnsigned(I(b,c,d),x),ac))<br />
  a=RotateLeft(a,s)<br />
  a=AddUnsigned(a,b)<br />
End Sub<br />
<br />
Private Function ConvertToWordArray(sMessage)<br />
  Dim lMessageLength<br />
  Dim lNumberOfWords<br />
  Dim lWordArray()<br />
  Dim lBytePosition<br />
  Dim lByteCount<br />
  Dim lWordCount<br />
  <br />
  Const MODULUS_BITS=512<br />
  Const CONGRUENT_BITS=448<br />
  <br />
  lMessageLength=Len(sMessage)<br />
  <br />
  lNumberOfWords=(((lMessageLength+((MODULUS_BITS-CONGRUENT_BITS)\BITS_TO_A_BYTE))\(MODULUS_BITS\BITS_TO_A_BYTE))+1)*(MODULUS_BITS\BITS_TO_A_WORD)<br />
  ReDim lWordArray(lNumberOfWords-1)<br />
  <br />
  lBytePosition=0<br />
  lByteCount=0<br />
  Do Until lByteCount >=lMessageLength<br />
    lWordCount=lByteCount\BYTES_TO_A_WORD<br />
    lBytePosition=(lByteCount Mod BYTES_TO_A_WORD)*BITS_TO_A_BYTE<br />
    lWordArray(lWordCount)=lWordArray(lWordCount) Or LShift(Asc(Mid(sMessage,lByteCount+1,1)),lBytePosition)<br />
    lByteCount=lByteCount+1<br />
  Loop<br />
<br />
  lWordCount=lByteCount\BYTES_TO_A_WORD<br />
  lBytePosition=(lByteCount Mod BYTES_TO_A_WORD)*BITS_TO_A_BYTE<br />
<br />
  lWordArray(lWordCount)=lWordArray(lWordCount) Or LShift(&H80,lBytePosition)<br />
<br />
  lWordArray(lNumberOfWords-2)=LShift(lMessageLength,3)<br />
  lWordArray(lNumberOfWords-1)=RShift(lMessageLength,29)<br />
  <br />
  ConvertToWordArray=lWordArray<br />
End Function<br />
<br />
Private Function WordToHex(lValue)<br />
  Dim lByte<br />
  Dim lCount<br />
  <br />
  For lCount=0 To 3<br />
    lByte=RShift(lValue,lCount*BITS_TO_A_BYTE) And m_lOnBits(BITS_TO_A_BYTE-1)<br />
    WordToHex=WordToHex & Right("0" & Hex(lByte),2)<br />
  Next<br />
End Function<br />
<br />
Public Function MD5(sMessage)<br />
  Dim x<br />
  Dim k<br />
  Dim AA<br />
  Dim BB<br />
  Dim CC<br />
  Dim DD<br />
  Dim a<br />
  Dim b<br />
  Dim c<br />
  Dim d<br />
  <br />
  Const S11=7<br />
  Const S12=12<br />
  Const S13=17<br />
  Const S14=22<br />
  Const S21=5<br />
  Const S22=9<br />
  Const S23=14<br />
  Const S24=20<br />
  Const S31=4<br />
  Const S32=11<br />
  Const S33=16<br />
  Const S34=23<br />
  Const S41=6<br />
  Const S42=10<br />
  Const S43=15<br />
  Const S44=21<br />
<br />
  x=ConvertToWordArray(sMessage)<br />
  <br />
  a=&H67452301<br />
  b=&HEFCDAB89<br />
  c=&H98BADCFE<br />
  d=&H10325476<br />
<br />
  For k=0 To UBound(x) Step 16<br />
    AA=a<br />
    BB=b<br />
    CC=c<br />
    DD=d<br />
<br />
    FF a,b,c,d,x(k+0),S11,&HD76AA478<br />
    FF d,a,b,c,x(k+1),S12,&HE8C7B756<br />
    FF c,d,a,b,x(k+2),S13,&H242070DB<br />
    FF b,c,d,a,x(k+3),S14,&HC1BDCEEE<br />
    FF a,b,c,d,x(k+4),S11,&HF57C0FAF<br />
    FF d,a,b,c,x(k+5),S12,&H4787C62A<br />
    FF c,d,a,b,x(k+6),S13,&HA8304613<br />
    FF b,c,d,a,x(k+7),S14,&HFD469501<br />
    FF a,b,c,d,x(k+8),S11,&H698098D8<br />
    FF d,a,b,c,x(k+9),S12,&H8B44F7AF<br />
    FF c,d,a,b,x(k+10),S13,&HFFFF5BB1<br />
    FF b,c,d,a,x(k+11),S14,&H895CD7BE<br />
    FF a,b,c,d,x(k+12),S11,&H6B901122<br />
    FF d,a,b,c,x(k+13),S12,&HFD987193<br />
    FF c,d,a,b,x(k+14),S13,&HA679438E<br />
    FF b,c,d,a,x(k+15),S14,&H49B40821<br />
<br />
    GG a,b,c,d,x(k+1),S21,&HF61E2562<br />
    GG d,a,b,c,x(k+6),S22,&HC040B340<br />
    GG c,d,a,b,x(k+11),S23,&H265E5A51<br />
    GG b,c,d,a,x(k+0),S24,&HE9B6C7AA<br />
    GG a,b,c,d,x(k+5),S21,&HD62F105D<br />
    GG d,a,b,c,x(k+10),S22,&H2441453<br />
    GG c,d,a,b,x(k+15),S23,&HD8A1E681<br />
    GG b,c,d,a,x(k+4),S24,&HE7D3FBC8<br />
    GG a,b,c,d,x(k+9),S21,&H21E1CDE6<br />
    GG d,a,b,c,x(k+14),S22,&HC33707D6<br />
    GG c,d,a,b,x(k+3),S23,&HF4D50D87<br />
    GG b,c,d,a,x(k+8),S24,&H455A14ED<br />
    GG a,b,c,d,x(k+13),S21,&HA9E3E905<br />
    GG d,a,b,c,x(k+2),S22,&HFCEFA3F8<br />
    GG c,d,a,b,x(k+7),S23,&H676F02D9<br />
    GG b,c,d,a,x(k+12),S24,&H8D2A4C8A<br />
        <br />
    HH a,b,c,d,x(k+5),S31,&HFFFA3942<br />
    HH d,a,b,c,x(k+8),S32,&H8771F681<br />
    HH c,d,a,b,x(k+11),S33,&H6D9D6122<br />
    HH b,c,d,a,x(k+14),S34,&HFDE5380C<br />
    HH a,b,c,d,x(k+1),S31,&HA4BEEA44<br />
    HH d,a,b,c,x(k+4),S32,&H4BDECFA9<br />
    HH c,d,a,b,x(k+7),S33,&HF6BB4B60<br />
    HH b,c,d,a,x(k+10),S34,&HBEBFBC70<br />
    HH a,b,c,d,x(k+13),S31,&H289B7EC6<br />
    HH d,a,b,c,x(k+0),S32,&HEAA127FA<br />
    HH c,d,a,b,x(k+3),S33,&HD4EF3085<br />
    HH b,c,d,a,x(k+6),S34,&H4881D05<br />
    HH a,b,c,d,x(k+9),S31,&HD9D4D039<br />
    HH d,a,b,c,x(k+12),S32,&HE6DB99E5<br />
    HH c,d,a,b,x(k+15),S33,&H1FA27CF8<br />
    HH b,c,d,a,x(k+2),S34,&HC4AC5665<br />
<br />
    II a,b,c,d,x(k+0),S41,&HF4292244<br />
    II d,a,b,c,x(k+7),S42,&H432AFF97<br />
    II c,d,a,b,x(k+14),S43,&HAB9423A7<br />
    II b,c,d,a,x(k+5),S44,&HFC93A039<br />
    II a,b,c,d,x(k+12),S41,&H655B59C3<br />
    II d,a,b,c,x(k+3),S42,&H8F0CCC92<br />
    II c,d,a,b,x(k+10),S43,&HFFEFF47D<br />
    II b,c,d,a,x(k+1),S44,&H85845DD1<br />
    II a,b,c,d,x(k+8),S41,&H6FA87E4F<br />
    II d,a,b,c,x(k+15),S42,&HFE2CE6E0<br />
    II c,d,a,b,x(k+6),S43,&HA3014314<br />
    II b,c,d,a,x(k+13),S44,&H4E0811A1<br />
    II a,b,c,d,x(k+4),S41,&HF7537E82<br />
    II d,a,b,c,x(k+11),S42,&HBD3AF235<br />
    II c,d,a,b,x(k+2),S43,&H2AD7D2BB<br />
    II b,c,d,a,x(k+9),S44,&HEB86D391<br />
<br />
    a=AddUnsigned(a,AA)<br />
    b=AddUnsigned(b,BB)<br />
    c=AddUnsigned(c,CC)<br />
    d=AddUnsigned(d,DD)<br />
  Next<br />
  <br />
  MD5=LCase(WordToHex(a) & WordToHex(b) & WordToHex(c) & WordToHex(d))<br />
End Function<br />
%><br />


Big Grin | :-D

------------------------------------------
Hey! Stop reading my signature... stop it!
hmm... you're still reading it...
Generalits a pretty good article Pin
Horatiu CRISTEA31-Jan-02 23:30
memberHoratiu CRISTEA31-Jan-02 23:30 
GeneralRe: its a pretty good article Pin
tommy skaue1-Feb-02 0:18
membertommy skaue1-Feb-02 0:18 
GeneralRe: its a pretty good article Pin
Horatiu CRISTEA1-Feb-02 2:18
memberHoratiu CRISTEA1-Feb-02 2:18 
GeneralRe: its a pretty good article Pin
tommy skaue1-Feb-02 2:18
membertommy skaue1-Feb-02 2:18 
GeneralTommy's son (off-topic) Pin
Oz22-Jan-02 3:29
memberOz22-Jan-02 3:29 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.170525.1 | Last Updated 20 Jan 2002
Article Copyright 2002 by tommy skaue
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid