You should store it in its encrypted form, and when the user enters his password, you should encrypt it, and compare it with the version in the database. Here's some encryption code. Converting it to VB shouldn't be an issue - if you want to do it fast, use one of the free online converters. Of course, you could just put this code into a C# assembly, and use it as is:
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
namespace Paddedwall.CryptoLib
{
public class Crypto
{
#region enums, constants & fields
public enum CryptoTypes
{
encTypeDES = 0,
encTypeRC2,
encTypeRijndael,
encTypeTripleDES
}
private const string CRYPT_DEFAULT_PASSWORD = "CB06cfE507a1";
private const CryptoTypes CRYPT_DEFAULT_METHOD = CryptoTypes.encTypeRijndael;
private byte[] mKey = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24};
private byte[] mIV = {65, 110, 68, 26, 69, 178, 200, 219};
private byte[] SaltByteArray = {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76};
private CryptoTypes mCryptoType = CRYPT_DEFAULT_METHOD;
private string mPassword = CRYPT_DEFAULT_PASSWORD;
#endregion
#region Constructors
public Crypto()
{
calculateNewKeyAndIV();
}
public Crypto(CryptoTypes CryptoType)
{
this.CryptoType = CryptoType;
}
#endregion
#region Props
public CryptoTypes CryptoType
{
get
{
return mCryptoType;
}
set
{
if (mCryptoType != value)
{
mCryptoType = value;
calculateNewKeyAndIV();
}
}
}
public string Password
{
get
{
return mPassword;
}
set
{
if (mPassword != value)
{
mPassword = value;
calculateNewKeyAndIV();
}
}
}
#endregion
#region Encryption
public string Encrypt(string inputText)
{
UTF8Encoding UTF8Encoder = new UTF8Encoding();
byte[] inputBytes = UTF8Encoder.GetBytes(inputText);
return Convert.ToBase64String(EncryptDecrypt(inputBytes,true));
}
public string Encrypt(string inputText, string password)
{
this.Password = password;
return this.Encrypt(inputText);
}
public string Encrypt(string inputText, string password, CryptoTypes cryptoType)
{
mCryptoType = cryptoType;
return this.Encrypt(inputText,password);
}
public string Encrypt(string inputText, CryptoTypes cryptoType)
{
this.CryptoType = cryptoType;
return this.Encrypt(inputText);
}
#endregion
#region Decryption
public string Decrypt(string inputText)
{
UTF8Encoding UTF8Encoder = new UTF8Encoding();
byte[] inputBytes = Convert.FromBase64String(inputText);
return UTF8Encoder.GetString(EncryptDecrypt(inputBytes,false));
}
public string Decrypt(string inputText, string password)
{
this.Password = password;
return Decrypt(inputText);
}
public string Decrypt(string inputText, string password, CryptoTypes cryptoType)
{
mCryptoType = cryptoType;
return Decrypt(inputText,password);
}
public string Decrypt(string inputText, CryptoTypes cryptoType)
{
this.CryptoType = cryptoType;
return Decrypt(inputText);
}
#endregion
#region Symmetric Engine
private byte[] EncryptDecrypt(byte[] inputBytes, bool Encrpyt)
{
ICryptoTransform transform = getCryptoTransform(Encrpyt);
MemoryStream memStream = new MemoryStream();
try
{
CryptoStream cryptStream = new CryptoStream(memStream,transform,CryptoStreamMode.Write);
cryptStream.Write(inputBytes,0,inputBytes.Length);
cryptStream.FlushFinalBlock();
byte[] output = memStream.ToArray();
cryptStream.Close();
return output;
}
catch (Exception e)
{
throw new Exception("Error in symmetric engine. Error : " + e.Message,e);
}
}
private ICryptoTransform getCryptoTransform(bool encrypt)
{
SymmetricAlgorithm SA = selectAlgorithm();
SA.Key = mKey;
SA.IV = mIV;
if (encrypt)
{
return SA.CreateEncryptor();
}else
{
return SA.CreateDecryptor();
}
}
private SymmetricAlgorithm selectAlgorithm()
{
SymmetricAlgorithm SA;
switch (mCryptoType)
{
case CryptoTypes.encTypeDES:
SA = DES.Create();
break;
case CryptoTypes.encTypeRC2:
SA = RC2.Create();
break;
case CryptoTypes.encTypeRijndael:
SA = Rijndael.Create();
break;
case CryptoTypes.encTypeTripleDES:
SA = TripleDES.Create();
break;
default:
SA = TripleDES.Create();
break;
}
return SA;
}
private void calculateNewKeyAndIV()
{
PasswordDeriveBytes pdb = new PasswordDeriveBytes(mPassword,SaltByteArray);
SymmetricAlgorithm algo = selectAlgorithm();
mKey = pdb.GetBytes(algo.KeySize / 8);
mIV = pdb.GetBytes(algo.BlockSize / 8);
}
#endregion
}
public class Hashing
{
#region enum, constants and fields
public enum HashingTypes
{
SHA, SHA256, SHA384, SHA512, MD5
}
#endregion
#region static members
public static string Hash(String inputText)
{
return ComputeHash(inputText,HashingTypes.MD5);
}
public static string Hash(String inputText, HashingTypes hashingType)
{
return ComputeHash(inputText,hashingType);
}
public static bool isHashEqual(string inputText, string hashText)
{
return (Hash(inputText) == hashText);
}
public static bool isHashEqual(string inputText, string hashText, HashingTypes hashingType)
{
return (Hash(inputText,hashingType) == hashText);
}
#endregion
#region Hashing Engine
private static string ComputeHash(string inputText, HashingTypes hashingType)
{
HashAlgorithm HA = getHashAlgorithm(hashingType);
UTF8Encoding UTF8Encoder = new UTF8Encoding();
byte[] inputBytes = UTF8Encoder.GetBytes(inputText);
byte[] output = HA.ComputeHash(inputBytes);
return Convert.ToBase64String(output);
}
private static HashAlgorithm getHashAlgorithm(HashingTypes hashingType)
{
switch (hashingType)
{
case HashingTypes.MD5 :
return new MD5CryptoServiceProvider();
case HashingTypes.SHA :
return new SHA1CryptoServiceProvider();
case HashingTypes.SHA256 :
return new SHA256Managed();
case HashingTypes.SHA384 :
return new SHA384Managed();
case HashingTypes.SHA512 :
return new SHA512Managed();
default :
return new MD5CryptoServiceProvider();
}
}
#endregion
}
}