Last post Sep 21, 2017 11:55 PM by ScottyB
Jun 01, 2016 02:03 PM|stefan505|LINK
Is there a way to ensure that a password generated (hashed) for a user can only be used / associated by that user?
In other words I want to prevent:
I understand that users CAN have the same passwords if they happen to create it with the same value. I want to try and prevent the above scenario. Was thinking about the possibility of using the username as part of the password hashing / verification process.
Jun 02, 2016 09:06 AM|Yohann Lu|LINK
Was thinking about the possibility of using the username as part of the password hashing / verification process.
I think you can use username as part of the password hashing/verification process. When the user login, you can check whether the hash value (user + pass) are the same with database values.
You can refer the following tutorials.
1: Hashing Passwords using ASP.NET's Crypto Class:
2: Password Hashing:
Sep 21, 2017 11:55 PM|ScottyB|LINK
Did you get any kind of resolution with this question, as I am currently looking at the same scenario?