Matching username & password at server side in socket programming

Question

1.00/5 (1 vote)

See more:

Hi!! I am working on a college projec.
I am designing a net banking system consisting of 2 different i.e. a server(admin) and a client(customer).

I don't know how to match the username & password sent by the client to the server & match those details on the server side and give access to the client.

Can anyone help me with the code.
TCP connection in vb.net is what I am looking for.

Please help guys as I've to submit the project very soon.....

Posted 9-Mar-11 19:14pm

Pritam N. Bohra

Add a Solution

Comments

Sergey Alexandrovich Kryukov 10-Mar-11 1:30am

What have you done so far?
--SA

Pritam N. Bohra 10-Mar-11 5:18am

Brother I am not using hashing or any other technique.
My back end is MS Access.
I have to match the password & useraccount number from the database.
On the client side: When the client logs in by providing the password & user account number the server accepts it and matches with the stored info in the database.
I don't know how to code this in vb.net

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Answer 1 · 2011-03-09T20:15:00

Normally, the user id is held in a database table, and the password is hashed and also stored: so you are never storing the password in clear. Frequently, the password is combined with the username before it is hashed to prevent two users with the same password from generating the same hash.

Because hashing is not encryption - encryption can be reversed, hashing can't - the password is never stored in a readable format, so database intrusion cannot reveal any passwords. When you check a user login, you regenerate the hash from the information he supplied, and check that against the database stored value. If it matches, log him in!

Often the hash is MD5, but that is not recommended for new designs, and MD5 is officialy "broken" - it is possible in some cases to generate a type-able password from teh hash value - and it is recommended to use SHA instead. .NET supports MD5 and SHA as part of the System.Cryptography[^] namespace.

The SHA256 Class[^] includes a small example of how to hash information.