Click here to Skip to main content
15,919,749 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
Hello,

I want to encrypt/ decrypt password in classic ASP to prevent from SQL Injection and Cross site scripting..
Please help..

Thank you in advance..
Posted

It is better use google before losing all hope ;-)

Click Here

This will answer your question.
 
Share this answer
 
Encrypting passwords won;'t help you with SQL injection, or cross site scripting because those forms of attack aren't normally used for passwords anyway...

And that's ignoring that you should never encrypt passwords because it's a major security risk: Password Storage: How to do it.[^]

You handle SQL Injection by using parametrized queries throughout your application instead of concatenating strings, and cross-site scripting is a much more complex problem than that! see here:
http://en.wikipedia.org/wiki/Cross-site_scripting[^] - there is a section on prevention
and here: http://www.acunetix.com/blog/web-security-zone/articles/preventing-xss-attacks/[^] which may help.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900