近期刚好做新框架的用户数据安全这块
密码的保护措施:混淆加密--------------------------------拙见----------贴上代码--请指教
1:生成混淆数据,---存入数据表字段
2:获取密码混淆加密字符串-----存入数据表字段
/*---------------------------------------混淆字符串-----------------------------------------------------------*/
/// <summary> /// 根据26个字母(大小写)和1~9数字组成的字符串中随机生成一定长度的字符串 /// </summary> /// <param name="len">长度</param> /// <returns>返回字符串</returns> public static string CreateRandomStr(int len) { return GetRandomString("123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ", len); } //获取随机字段 public static string GetRandomString(string pwdchars, int len) { Random randomSeed = new Random(); StringBuilder builder = new StringBuilder(len); for (int i = 0; i < len; i++) { builder.Append(pwdchars[randomSeed.Next(pwdchars.Length)]); } return builder.ToString(); }
/*-----------------------------------------加密数据------------------------------------------------*/ /// <summary> /// 对字符串str加密后再增加混淆串字符key一起进行加密后得到的字符串,两次都是采用MD5(string str)方法 /// </summary> /// <param name="pass">字符串</param> /// <param name="key">混淆串字符</param> /// <returns>加密后的字符串</returns> public static string GetPass(string pass, string key) { //调用MD5生成密码 return MD5(MD5(pass) + key); } /// <summary> /// MD5加密(去除“-”)得到字符串 /// </summary> /// <param name="str">字符串</param> /// <returns>加密后的字符串</returns> public static string MD5(string str) { MD5 md5 = new MD5CryptoServiceProvider(); string t2 = BitConverter.ToString(md5.ComputeHash(Encoding.Default.GetBytes(str))); t2 = t2.Replace("-", "").ToLower(); return t2; }